Manualshelf

HP MSR2000/3000/4000 Router Series Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router
31323334353637383940
28
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter RADIUS scheme view.
radius scheme
radius-scheme-name
N/A
3. Set the RADIUS server
response timeout timer.
timer response-timeout seconds The default setting is 3 seconds.
4. Set the quiet timer for the
servers.
timer quiet minutes The default setting is 5 minutes.
5. Set the real-time accounting
timer.
timer realtime-accounting minutes The default setting is 12 minutes.
Configuring the accounting-on feature
When the accounting-on feature is enabled, the device automatically sends an accounting-on packet to
the RADIUS server after a reboot. Upon receiving the accounting-on packet, the RADIUS server logs out
all users who access the network through the device, so they could re-log in through the device. Without
this feature, these users cannot log in again after the reboot, because the RADIUS server would consider
them online already.
You can configure the interval for which the device waits to resend the accounting-packet and the
maximum number of retries.
To configure the accounting-on feature for a RADIUS scheme:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter RADIUS scheme view.
radius scheme
radius-scheme-name
N/A
3. Enable accounting-on.
accounting-on enable [ interval
seconds | send send-times ] *
By default, the accounting-on
feature is disabled.
Configuring the IP addresses of the security policy servers
The NAS verifies the validity of received control packets and accepts only control packets from known
servers. To use a security policy server that is independent of the AAA servers, configure the IP address
of the security policy server on the NAS.
The security policy server is the management and control center of the HP EAD solution. To implement all
EAD functions, configure both the IP address of the security policy server and that of the IMC Platform on
the NAS.
To configure the IP address of a security policy server for a scheme:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter RADIUS scheme
view.
radius scheme radius-scheme-name N/A