R3721-F3210-F3171-HP High-End Firewalls Access Control Configuration Guide-6PW101
176
Item Descri
p
tion
Key Specify the shared key for communication with the RADIUS server.
If no shared key is specified here, the shared key specified in the common
configuration part is used.
Confirm Key
VPN
Specify the VPN to which the RADIUS server belongs.
If no VPN is specified here, the VPN specified in the common configuration part is
used.
RADIUS configuration example in the web interface
Network requirements
As shown in Figure 142, run the RADIUS server runs on IMC to provide authentication, authorization, and
accounting services for Telnet users. Add an account on the RADIUS server, with the username
hello@bbb and password abc. Set the privilege level for the user to 3.
Set the shared keys for authentication, authorization, and accounting packets exchanged between
Firewall and the RADIUS server to expert and specify the ports for authentication/authorization and
accounting as 1812 and 1813 respectively.
Configure the Firewall to include the domain name in a username sent to the RADIUS server.
Figure 142 Network diagram
Configuring the RADIUS server running on IMC
This example assumes that the RADIUS server runs on IMC PLAT 3.20-R2602 and IMC UAM
3.60-E6102.
1. Add Firewall to IMC as an access device:
a. Log in to IMC, click the Service tab, and then select Access Service > Service Configuration
from the navigation tree.
b. Click Add to configure an access device as follows:
Set the shared key for authentication and accounting packets to expert.
Specify the ports for authentication and accounting as 1812 and 1813, respectively.
Select Device Management Service as the service type.
Select HP as the access device type.
Select SecPath from the device list or manually add it with the IP address of 10.1.1.2.
c. Click OK.