R3166-R3206-HP High-End Firewalls Access Control Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

141

142

143

144

145

146

147

148

149

150

136

Figure 91 RADIUS server configuration

Configuration procedure

• Create an ISP domain, configure its AAA scheme as RADIUS scheme named system, and configure

accounting that is optional. (Omitted).

• Configure the serial ports. (Omitted)

• Configure the Ethernet ports. (Omitted)

• Configure RADIUS scheme system.

# Configure the RADIUS authentication and accounting server as follows:

• From the navigation tree, select User > RADIUS > Server Configuration.

• Select Authentication Server as the server type.

• Enter 10.110.91.146 as the IP address of the primary server, and 1812 as the UDP port.

• Select active as the primary server status.

• Click Apply to finish the configuration.

• Select Accounting Server as the server type.

• Enter 10.110.91.146 as the IP address of the primary server, and 1813 as the UDP port.

• Select active as the primary server status.

• Click Apply to finish the setting.

# Configure the parameters for communication between the device and the RADIUS server:

• From the navigation tree, select User > RADIUS > Parameter Configuration.

• Select extended as the server type.

• Select the Authentication Server Shared Key check box and enter expert in the text box.

• Enter expert in the Confirm Authentication Shared Key text box.

• Select the Accounting Server Shared Key check box and enter expert in the text box.

•

Enter ex

pert in the Confirm Accounting Shared Key text box.

• Select without-domain for the username format.

• Click Apply to finish the configuration.

Configuring RADIUS schemes in the CLI

A RADIUS scheme specifies the RADIUS servers that the device can cooperate with and defines a set of

parameters that the device uses to exchange information with the RADIUS servers. There may be

authentication/authorization servers and accounting servers, or primary servers and secondary servers.

The parameters include the IP addresses of the servers, the shared keys, and the RADIUS server type.

Internet

Firewall A

PPP user

Authentication / Accounting servers

10.110.91.146

PSTN

GE 0/1

10.110.91. 160