HP VPN Firewall Appliances Access Control Configuration Guide
243
Configuring AAA in the Web interface
Recommended configuration procedure
Ste
p
Remarks
1. Use one of the following methods to
configure an AAA scheme:
{ Configuring local users
{ Configuring RADIUS schemes
{ Configuring HWTACACS schemes
Required.
Configure at least one scheme.
For information about configuring local users, see
"Configuring local users" or Getting Started Guide.
2. Configuring
AAA
methods for
ISP
domains.
Configuring an ISP domain
Optional.
Create ISP domains and specify one of them as the default
ISP domain.
By default, there is an ISP domain named system, which is
the default ISP domain.
Configuring authentication
methods for the ISP domain
Optional.
Configure authentication methods for various types of users.
By default, all types of users use local authentication.
Configuring authorization
methods for the ISP domain
Optional.
Specify the authorization methods for various types of users.
By default, all types of users use local authorization.
Configuring accounting
methods for the ISP domain
Optional.
Specify the accounting methods for various types of users.
By default, all types of users use local accounting.
Configuring RADIUS schemes
A RADIUS scheme defines a set of parameters that the device uses to exchange information with the
RADIUS servers. There might be authentication servers and accounting servers, or primary servers and
secondary servers. The parameters mainly include the IP addresses of the servers, the shared keys, and
the RADIUS server type. By default, no RADIUS scheme exists.
Configuration procedure
To configure a RADIUS scheme:
1. Select User > RADIUS from the navigation tree.