XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

131

132

133

134

135

136

137

138

139

140

XYGATE

User Authentication

™

Reference Manual

Chapter 14. Configuring the RADIUS Interface

XYPRO Technology Corporation 112 Proprietary and Confidential

The following RADIUS-related keywords can be changed by editing the UACONF file

directly, only after the Install macro run is completed.

RADIUS_AUTHENTICATE { ON | OFF | OPTIONAL }

RADIUS_HOST <DNS name | IP address>

RADIUS_PORT <port number>

RADIUS_PROXY_ENV "<string>"

RADIUS_PROXY_IP_PROC <$process name>

RADIUS_PROXY_LOG <oss pathname>

RADIUS_PROXY_TIMEOUT <number>

RADIUS_REQUIRE_PASSWORD { ON | OFF }

14.3 Prepare the NonStop System for RADIUS Authentication

This section describes how to prepare the NonStop system for authentication via the

RADIUS protocol.

14.3.1 Checking for Network-Related Configuration

Password verification via RADIUS requires communication between the HP NonStop

system and another system in the network that hosts the RADIUS server. To assure

the success of such communication, the HP NonStop system's TCP/IP stack must be

configured in a certain way.

This document assumes that the system configuration files (HOSTS, RESCONF,

SERVICES, etc.) exist in the $SYSTEM.ZTCPIP subvolume. System configurations

differ from site to site. Some sites may have the files in different or multiple

subvolumes. In the most efficient scenario, there will be DEFINEs or PARAMs in the

TACL environment pointing to the active files. The existence of DEFINEs may be

checked with the following commands:

info define =tcpip^resolver^name

info define =tcpip^service^name

info define =tcpip^protocol^name

info define =tcpip^host^file

These DEFINEs may not always exist in your TACL session. They may only have

been included when the system processes started. In this case, executing the above

DEFINE commands will not return any information, but will not mean the DEFINEs

were not loaded on the process startup.

The information about which files are correct and should be checked should be

acquired from the system administrator.

Make sure that the files listed in this section exist and are set up properly.