Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1331133213331334133513361337133813391340
A-106
Command-Line Reference
Global Configuration Context
Replace <secret key> with your RADIUS server’s secret key.
Replace <NAS ID> with the TMS zl Module’s NAS ID on your network.
If you use the optional domain-name option, replace <domain name> with the
domain name associated with your RADIUS server. In this case, users who
authenticate to this RADIUS server must submit their username followed by
@<domain name>. Use the optional strip-domain option to configure the
module to remove the domain name from the credentials before forwarding
them to the RADIUS server.
If you do not use the domain-name option, the server will be placed in the global
domain. Users who log in without a domain name or with a domain name not
assigned to another server are authenticated to this server.
Note You must enter the domain-name option to specify the strip-domain option.
If you want to the strip the domain from requests to a server that is not assigned
a domain name, enter global for the domain-name option.
For example, to add a RADIUS server with the IP address 10.10.10.10 and to
specify “procurve” as the secret key, TMS as the NAS ID, and a domain name
of “hp.com,” enter the following command:
ProCurve(tms-module-<slot ID>)# radius-server host
10.10.10.10 secret procurve nas-id tms domain-name hp.com
To delete a specified RADIUS server, enter the following command:
Syntax: no radius-server host <IP address> domain-name <domain name>
Replace <IP address> with the IP address of the RADIUS server.
Replace <domain name> with the domain name associated with your RADIUS
server. If the RADIUS server was not associated with a domain, you must
replace <domain name> with global.
rate-limit
This command allows you to set rate limits on your firewall access policies.
To configure rate limiting on a firewall access policy, you will need to know
the user group and rule ID of the access policy. You can configure the following
parameters:
Absolute maximum number of connections
Maximum number of connections for a specified time period