HP Advanced Services zl Module with Microsoft® Windows Server® 2008 R2 Planning and Design Guide

Solution 4: Survivable Authentication and Authorization
Solution Implementation
Again, follow Microsoft guidelines for installing and configuring these
services. No special considerations apply to the server running on this
module that would not apply to another branch office server.
Important: The PCM+ agent will take control of TCP port 21, which is the
standard port for FTP. You must change the port on which the FTP server
listens, or the FTP services will fail.
When you configure NPS, you need to add your network infrastructure
devices as RADIUS clients. However, you do not need to create access
policies; these policies will be created on IDM and deployed to the NPS
agent.
8. Install the IDM agent on the module.
   a. Contact the PCM+/IDM server at the main site at port 8040. (You must
      open this port in any firewalls between the branch and the main site.)
   b. Download the IDM agent for Windows NPS.
   c. Launch the installer and follow the prompts to install the agent.
   The NPS running on the module will now receive policies from the central
   IDM solution. (The branch server administrator only needs to configure
   one policy, which permits 802.1X authentication requests.) Refer to the
   Identity Driven Manager User’s Guide for more details.
9. Install the PCM+ agent on the module.
   a. Contact the PCM+/IDM server at the main site at port 8040.
   b. Download the PCM+ agent.
   c. Launch the installer and follow the prompts to install the agent. Note
      that the PCM+ server at the data center must be configured to permit
      connections from this agent. Several ports must also be opened on
      firewalls between the data center and the branch; by default, these
      are TCP 51111 and 51112. Refer to the ProCurve Manager User’s
      Guide for more information.
10. You can then install any other desired roles, features, and applications. As
with any server, you must follow the guidelines provided by Microsoft or
an application’s vendor to determine whether and how your server and
environment can support the desired service.
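
The following pre-flight check is an added example, not part of the HP guide. It verifies the port requirements from steps 8 and 9 and reports what currently holds TCP 21 on the module's server. The host name pcm.example.internal and the function names are placeholders chosen for this example, and it uses only .NET classes and netstat so that it runs on the PowerShell version shipped with Windows Server 2008 R2.

```powershell
# Added example: pre-flight check for the port requirements described above.
# $PcmServer is a placeholder (assumption); replace with your PCM+/IDM server.
$PcmServer = 'pcm.example.internal'

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($pending)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Get-TcpListenerOwner {
    param([int]$Port)
    # netstat -ano rows for listeners end in "<remote>:0  <state>  <PID>";
    # matching on the ":0" remote address avoids the localized state text.
    $pattern = '^\s*TCP\s+\S+:' + $Port + '\s+\S+:0\s+\S+\s+(\d+)\s*$'
    netstat -ano | ForEach-Object {
        if ($_ -match $pattern) { [int]$Matches[1] }
    } | Sort-Object -Unique | ForEach-Object {
        $proc = Get-Process -Id $_ -ErrorAction SilentlyContinue
        New-Object PSObject -Property @{ Port = $Port; ProcessId = $_; Name = $proc.ProcessName }
    }
}

# Steps 8a/9a: the branch must reach the main-site server on TCP 8040.
# 51111 and 51112 are the default PCM+ agent ports; probing them outbound from
# the branch is an assumption, since the guide does not say which side initiates.
foreach ($port in 8040, 51111, 51112) {
    $ok = Test-TcpPort -HostName $PcmServer -Port $port
    "{0}:{1} reachable from branch: {2}" -f $PcmServer, $port, $ok
}

# The PCM+ agent takes TCP 21. Any listener reported here before the agent is
# installed (for example an FTP server on its default port) must be moved first.
$owners = @(Get-TcpListenerOwner -Port 21)
if ($owners.Count -eq 0) {
    'TCP 21 is free on this server.'
} else {
    $owners | Format-Table Port, ProcessId, Name -AutoSize
}
```

Run it once before installing the agents and again afterwards: after step 9 the owner of TCP 21 should be the PCM+ agent, and the FTP service should appear only on the port you moved it to.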