R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
155
Figure 115 Configure AAA for Telnet users through a RADIUS server
Configuration procedure
1. Configure the RADIUS server(IMC)
NOTE:
This example assumes that the RADIUS server runs IMC PLAT 5.0(E0101) or IMC UAM 5.0(E0101).
# Add an access device.
Log into the IMC management platform, select the Service tab, and select Access Service > Access Device
from the navigation tree to enter the Access Device List page. Then, click Add to enter the Add Access
Device page and perform the following configurations:
• Set the shared keys for authentication and accounting packets to expert
• Specify the ports for authentication and accounting as 1812 and 1813 respectively
• Select Device Management Service as the service type
• Select HP as the access device type
• Select the card from the device list or manually add the card with the IP address of 10.1.1.2
• Click OK to finish the operation.
NOTE:
The IP address of the access device must be the same as the source IP address of the RADIUS packets sen
t
from the LB module. By default, the source IP address of a RADIUS packet is the IP address of the interface
through which the packet is sent out.
• If the LB module uses the default IP address to send RADIUS packets, you must specify the IP address of
the access device as the IP address of the outgoing interface. In this example, with the IP address of
Te n - G i g a b i t E t h e r n e t 0 / 0 . 2 b e i n g 10 .1.1. 2, y o u n e e d t o s e t t h e I P a d d re s s o f t h e a c c e s s d e v i c e t o 10 .1.1. 2
accordingly.
• If the LB module uses the source IP address specified with the nas-ip or radius nas-ip command to send
RADIUS packets, you must set the IP address of the access device to the specified source IP address.
Internet
LB
RADIUS server
10.1.1.1/24
XGE0/0.1
192.168.1.70/24
XGE0/0.2
10.1.1.2/24