HP StorageWorks Enterprise File Services WAN Accelerator Deployment Guide (November 2005)

9 - RADIUS AND TACACS+ AUTHENTICATION

Configuring a RADIUS Server with FreeRADIUS
You can specify a different local account mapping on a per-user basis by using
a vendor-specific attribute. This section describes how to configure the
FreeRADIUS server to return an attribute that specifies the local user
account as an ASCII string. The file paths shown are the default values. If the
RADIUS server installation has been customized, the paths might differ.

The dictionary files are stored in the directory /usr/local/share/freeradius.
This is where RADIUS attributes can be defined. Assuming the vendor
does not have an established dictionary file in the FreeRADIUS distribution, you
begin the process by creating a file called dictionary.<vendor>.

The contents of the dictionary.<vendor> file define a vendor identifier (which
ought to be the Structure of Management Information (SMI) Network
Management Private Enterprise Code of the vendor) and the definitions for
any vendor-specific attributes.

In the following example, the Vendor Enterprise Number for HP is 17613 and
the Enterprise Local User Name Attribute is 1. These numbers specify that a
given user is an admin or monitor user in the RADIUS server (instead of using
the HP EFS WAN Accelerator's default for users not named admin and
monitor).

These instructions assume you are running FreeRADIUS v1.0, which is
available from http://www.freeradius.org.
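
On the wire, a vendor-specific attribute travels as RADIUS attribute 26 (Vendor-Specific, RFC 2865): a 4-byte vendor number followed by vendor type, vendor length and the ASCII value. The Python below is an added example, not part of the HP guide or of FreeRADIUS; it encodes and strictly parses that attribute using the two numbers given above. The function names and the allow-list of admin and monitor are assumptions made for the example.

```python
import struct

HP_VENDOR_ID = 17613     # Vendor Enterprise Number given in the guide
LOCAL_USER_ATTR = 1      # Enterprise Local User Name Attribute given in the guide
VENDOR_SPECIFIC = 26     # RADIUS Vendor-Specific attribute type (RFC 2865, 5.26)
ALLOWED_ACCOUNTS = {"admin", "monitor"}  # assumption: accept only these accounts


def encode_local_user(account: str) -> bytes:
    """Build the Vendor-Specific attribute a server would return for one user."""
    value = account.encode("ascii")
    sub = struct.pack("!BB", LOCAL_USER_ATTR, 2 + len(value)) + value
    body = struct.pack("!I", HP_VENDOR_ID) + sub
    if 2 + len(body) > 255:
        raise ValueError("attribute too long")
    return struct.pack("!BB", VENDOR_SPECIFIC, 2 + len(body)) + body


def local_account(attrs: bytes):
    """Walk a RADIUS attribute list; return the mapped local account or None."""
    pos = 0
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = attrs[pos], attrs[pos + 1]
        if alen < 2 or pos + alen > len(attrs):
            raise ValueError("bad attribute length")
        body = attrs[pos + 2:pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(body) < 6:
            continue
        (vendor,) = struct.unpack("!I", body[:4])
        if vendor != HP_VENDOR_ID:
            continue                      # another vendor's attribute: ignore
        sub = body[4:]
        while len(sub) >= 2:
            vtype, vlen = sub[0], sub[1]
            if vlen < 2 or vlen > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            if vtype == LOCAL_USER_ATTR:
                name = sub[2:vlen].decode("ascii")
                # Fail closed: an unexpected account name maps to nothing.
                return name if name in ALLOWED_ACCOUNTS else None
            sub = sub[vlen:]
    return None


# Constructed sample: Reply-Message (type 18) followed by the vendor attribute.
SAMPLE = bytes([18, 4]) + b"ok" + encode_local_user("monitor")
```

Malformed lengths raise ValueError instead of being skipped, so a corrupted reply is rejected outright.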

To install FreeRADIUS on a Linux computer
1. Download FreeRADIUS from http://www.freeradius.org.
2. At your system prompt, enter the following set of commands:
>tar xvzf freeradius-$VERSION.tar.gz
>cd freeradius-$VERSION
>./configure
>make
>make install #as root

To add acceptance requests on the RADIUS server
1. In a text editor, open the /usr/local/etc/raddb/clients.conf file.
2. To create the key for the RADIUS server, add the following text to the
clients.conf file:
client 10.0.0.0/16 {
    secret = testradius
    shortname = main-network
    nastype = other
}