XYGATE User Authentication Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

141

142

143

144

145

146

147

148

149

150

XYGATE

User Authentication

™

Reference Manual

Chapter 14. Configuring the RADIUS Interface

XYPRO Technology Corporation 122 Proprietary and Confidential

What is the TCPIP process name <$ZTCP2>?

Refer to your answer to Question 3 in Table 6. Specify the name of the current

TCP/IP process through which XUA will communicate with the proxy and then to

the RADIUS server. The name you specify here will be entered in the UACONF file

as the value for RADIUS_PROXY_IP_PROC.

How many seconds should XUA wait for a RADIUS response before timeout occurs<30>?

XUA will wait for this number of seconds for a response from the RADIUS server

before deciding that it is not available. Once the timeout is reached, XUA will

process the logon request according to the RADIUS_AUTHENTICATE

configuration value (when ON, the logon will be denied; when OPTIONAL, the

authentication will be performed by Safeguard).

Do you want to use RADIUS authentication for all NonStop users <No>?

Refer to your answer to Question 5 in Table 6. Your response determines whether

or not all users, some users or no users will be authenticated via the RADIUS

method. The value you specify here will determine the value used in the UACONF

file for the value for RADIUS_AUTHENTICATE. If the answer here is YES, a value

of ON will be used for this parameter; otherwise, the value will be set to OFF.

Do you want to require a Guardian password in addition to RADIUS authentication

for all NonStop users <NO>?

Refer to your answer to Question 6 in Table 6. Your response determines whether

or not all users, some users or no users will be required to enter a PASSWORD in

addition to their RADIUS PASSWORD. The value you specify here will determine

the value in the UACONF for the keyword RADIUS_REQUIRE_PASSWORD. If the

answer here is YES, then a value of ON will be used for this parameter; otherwise,

the value will be set to OFF.

Enter RADIUS shared secret?

RADIUS shared secret is a case-sensitive password used to validate

communications between a RADIUS proxy and a RADIUS server. The value

entered at this prompt must match the value for the “shared secret” configured on

the external RADIUS server. The macro creates an edit file named RADIUSSS.

The shared secret value entered by the user will be put in the RADIUSSS file.

RADIUS configuration :

! ------------- RADIUS UACONF Section -----------------------

RADIUS_HOST MYCOMPANY.LOCAL-NET

RADIUS_PROXY_IP_PROC $ZTCP2

RADIUS_PROXY_TIMEOUT 30

RADIUS_PORT 1812

RADIUS_AUTHENTICATE OFF

RADIUS_REQUIRE_PASSWORD OFF

RADIUS_PROXY_LOG /G/system/xygateua/zzradlog