HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

221

222

223

224

225

226

227

228

229

230

215

Ste

Command

Remarks

2. Enable the trap function for

RADIUS.

radius trap { accounting-server-down |

authentication-error-threshold |

authentication-server-down }

Disabled by default.

Enabling the RADIUS client service

To receive and send RADIUS packets, enable the RADIUS client service on the device. If RADIUS is not

required, disable the RADIUS client service to avoid attacks that exploit RADIUS packets.

To enable the RADIUS client service:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable the RADIUS client

service.

radius client enable

Optional.

Enabled by default.

Displaying and maintaining RADIUS

Task Command

Remarks

Display the configuration of

RADIUS schemes.

display radius scheme [ radius-scheme-name ] [ |

{ begin | exclude | include } regular-expression ]

Available in any view.

Display the RADIUS packet

statistics.

display radius statistics [ | { begin | exclude |

include } regular-expression ]

Available in any view.

Display information about

buffered stop-accounting

requests for which no

responses have been

received.

display stop-accounting-buffer { radius-scheme

radius-scheme-name | session-id session-id |

time-range start-time stop-time | user-name

user-name } [ | { begin | exclude | include }

regular-expression ]

Available in any view.

Clear RADIUS statistics. reset radius statistics Available in user view.

Clear the buffered

stop-accounting requests for

which no responses have

been received.

reset stop-accounting-buffer { radius-scheme

radius-scheme-name | session-id session-id |

time-range start-time stop-time | user-name

user-name }

Available in user view.

Configuring HWTACACS schemes

You cannot remove the HWTACACS schemes in use or change the IP addresses of the HWTACACS

servers in use.

HWTACACS configuration task list

Task Remarks

Creating an HWTACACS scheme Required.

Specifying the HWTACACS authentication servers Required.

Specifying the HWTACACS authorization servers Optional.

Specifying the HWTACACS accounting servers and the relevant parameters Optional.