Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
181182183184185186187188189190
2-65
Initial Setup in Routing Mode
Configure Management Access
It sets the following AVP for the connection: Service-Type = Adminis-
trative.
To authenticate operator users, the RADIUS server requires a policy that
meets these criteria:
It selects RADIUS requests according to any of the attributes shown
in Table 2-13; again, the group to which operators belong is a common
choice for the criteria.
Note Again, it is best practice to add Service-Type = NAS-Prompt-User to the
selection criteria for the management access policy.
It sets the following AVP for the connection: Service-Type = NAS
Prompt.
Table 2-13. RADIUS Attributes Sent in Management Access RADIUS Request
Set the High Availability VLAN
Even if you do not plan to configure the module for high availability (HA), you
should change the HA VLAN from the default to prevent unwanted multicast
or broadcast traffic from occupying the firewalls resources.
If you do plan to configure the module for HA, first configure the module’s
other settings, then configure HA. See Chapter 8: “High Availability.”
If you to not plan to configure the module for HA, complete the following steps:
1. Access the host switch CLI and create a VLAN that is not used in your
network. Do not assign the switch an IP address on this VLAN, and do not
assign any switch ports to the VLAN.
2. In the TMS zl Module Web browser interface navigation bar, click System
> Settings > High Availability.
Attribute Value
Username Username submitted in the log in window
Password Password submitted in the log in window
Calling-Station-ID User’s IP address
NAS-Identifier NAS Identifier configured for the module when you
specified the RADIUS server
NAS-IP-Address Module IP address on the TMS VLAN that connects
to the RADIUS server
Service-Type NAS-Prompt-User