F3215-HP Load Balancing Module Security Configuration Guide-6PW101

Configuring RADIUS schemes
A RADIUS scheme specifies the RADIUS servers that the device can cooperate with and defines a set of
parameters that the device uses to exchange information with the RADIUS servers. There might be
authentication/authorization servers and accounting servers, or primary servers and secondary servers.
The parameters include the IP addresses of the servers, the shared keys, and the RADIUS server type.
RADIUS scheme configuration task list
Task | Remarks
Creating a RADIUS scheme | Required.
Specifying the RADIUS authentication/authorization servers | Required.
Specifying the RADIUS accounting servers and the relevant parameters | Optional.
Specifying the shared keys for secure RADIUS communication | Optional.
Specifying a VPN for the RADIUS scheme | Optional.
Setting the username format and traffic statistics units | Optional.
Setting the supported RADIUS server type | Optional.
Setting the maximum number of RADIUS request transmission attempts | Optional.
Setting the status of RADIUS servers | Optional.
Specifying the source IP address for outgoing RADIUS packets | Optional.
Setting RADIUS timers | Optional.
Configuring RADIUS accounting-on | Optional.
Configuring the IP address of the security policy server | Optional.
Configuring interpretation of the RADIUS class attribute as CAR parameters | Optional.
Enabling the trap function for RADIUS | Optional.
Enabling the RADIUS client service | Optional.
Displaying and maintaining RADIUS | Optional.
Creating a RADIUS scheme
Before you perform other RADIUS configurations, first create a RADIUS scheme and enter RADIUS
scheme view. A RADIUS scheme can be referenced by multiple ISP domains at the same time.
To create a RADIUS scheme and enter RADIUS scheme view:
Step | Command | Remarks
1. Enter system view. | system-view | N/A
2. Create a RADIUS scheme and enter RADIUS scheme view. | radius scheme radius-scheme-name | By default, no RADIUS scheme is created.
Specifying the RADIUS authentication/authorization servers
In RADIUS, user authorization information is piggybacked in the authentication responses sent to RADIUS
clients. You cannot, and do not need to, specify a separate RADIUS authorization server.
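The following added example (Python, not part of the HP guide) shows what the paragraph above describes: an Access-Accept carries the authorization attributes itself, and the client accepts them only after checking the Response Authenticator against the shared key, as RFC 2865 defines. The shared key, attribute values and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2
# Attribute type numbers from RFC 2865
ATTR_NAMES = {6: "Service-Type", 11: "Filter-Id", 25: "Class", 27: "Session-Timeout"}


def build_access_accept(ident, request_auth, attrs, secret):
    """Build an Access-Accept as a RADIUS server would (RFC 2865, section 3)."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    header = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(body))
    # Response Authenticator = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)
    resp_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + resp_auth + body


def parse_access_accept(packet, ident, request_auth, secret):
    """Verify the reply with the shared key, then return its authorization attributes."""
    if len(packet) < 20:
        raise ValueError("packet shorter than the RADIUS header")
    code, pkt_id, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_ACCEPT or pkt_id != ident or length != len(packet):
        raise ValueError("unexpected code, identifier or length")
    body = packet[20:]
    expected = hashlib.md5(packet[:4] + request_auth + body + secret).digest()
    if not hmac.compare_digest(expected, packet[4:20]):
        raise ValueError("Response Authenticator mismatch: wrong shared key or altered reply")
    attrs, pos = {}, 0
    while pos < len(body):
        if len(body) - pos < 2 or not 2 <= body[pos + 1] <= len(body) - pos:
            raise ValueError("malformed attribute")
        atype, alen = body[pos], body[pos + 1]
        attrs[ATTR_NAMES.get(atype, str(atype))] = body[pos + 2:pos + alen]
        pos += alen  # a repeated attribute type overwrites the earlier one in this demo
    return attrs


# Constructed sample values (not from the guide)
SECRET = b"example-shared-key"
REQ_AUTH = bytes(range(16))  # Request Authenticator of the matching Access-Request
SAMPLE = build_access_accept(7, REQ_AUTH, [
    (6, struct.pack("!I", 6)),      # Service-Type = Administrative
    (25, b"grp=netadmin"),          # Class, returned by the server for authorization
    (27, struct.pack("!I", 3600)),  # Session-Timeout in seconds
], SECRET)

if __name__ == "__main__":
    print(parse_access_accept(SAMPLE, 7, REQ_AUTH, SECRET))
```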