HP-UX Mobile IPv4 A.03.01 Administrator's Guide

%QPHKIWTKPI'ZVGTPCN###%QORQPGPVU
%QPHKIWTKPI(QTGKIP#IGPV+PHQTOCVKQPQP###(QTGKIP#IGPV###(5GTXGTU
Chapter 5
42

Configuring Foreign Agent Information on AAA Foreign Agent (AAAF) Servers

When a AAA Mobile Node uses a Foreign Agent Care-of Address, the Foreign Agent must also have a relationship configured with a Mobile AAA server. This AAA server is known as a AAA Foreign Agent server (AAAF). One of the main functions of an AAAF is to receive AAA requests from Foreign Agents and forward them to the appropriate AAAH according to the Mobile Node user NAI.

Configure information about HP-UX Foreign Agents according to the following requirements and restrictions:

Port Number: The AAAF must listen on the same TCP port number that mipd uses as the destination port for the AAA server connection. By default, mipd uses destination port number 1812 (the IANA registered port number for RADIUS). You can configure an alternate port number for mipd using the -ap aaa_port parameter of the mipconfig configure global command.

TLS: HP-UX Foreign Agents do not support TLS (Transport Layer Security). Do not configure TLS for HP-UX Foreign Agents. If you want to protect messages between the Foreign Agent and AAAF, use other security mechanisms, such as HP-UX IPSec.

FQDN: The Fully-Qualified Domain Name you configure on the AAAF for the Foreign Agent must match the FQDN configured on the Foreign Agent using the ma-fqdn parameter of the mipconfig configure global command.

Configuring Foreign Agent Information on HP-UX Mobile AAA Servers

This section contains information about configuring Foreign Agent information that is specific to HP-UX Mobile AAA servers.

Configuring the AAA Server Listen Port

You do not have to configure the AAA server listen port number if you use the default HP-UX Mobile AAA Server and HP-UX Mobile IPv4 parameters. By default, the HP-UX Mobile AAA Server listens on TCP port number 1812, and the mipd daemon connects to destination port number 1812 on the AAA server. If you changed the mipd destination port number, you must change the AAA server listen port when you start the Mobile AAA server. To do this, use the -dtcp option of the iaaaDiameter command or set the Diameter Port in the Start Options screen of the HP-UX Mobile AAA Server Manager.

Configuring the AAAF

You configure information about the Foreign Agent as a “Peer” on the HP-UX Mobile AAA server that you want to act as the AAAF. Use the HP-UX Mobile AAA Server Manager to configure the Foreign Agent information, as described below. The Server Manager and its related components must be running, and you must have a Server Connection configured for the Mobile AAA server that you want to configure as the AAAF.

1. Go to the Navigation Tree located in the left frame of the HTML page. Select Peers
under the Configuration branch.