Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
661662663664665666667668669670
11-2
RADIUS Server
Overview
Overview
A Remote Access Dial In User Service (RADIUS) server provides centralized
authentication (and sometimes accounting) for a network. The RADIUS protocol
regulates communications between network access servers (NASs) and RADIUS
servers.
The NASs are devices such as switches and Wireless Edge Services zl Modules,
which provide network access to stations. First, however, they can force the stations
to authenticate themselves.
Although the NAS enforces authentication, it does not decide whether a particular
station is authenticated. Instead it submits an authentication request for the station to
the RADIUS server. The RADIUS server decides whether a station can connect to
the network according to the users credentials and the policies configured on the
server.
The Wireless Edge Services zl Module acts as a NAS when it enforces 802.1X, Web
authentication (Web-Auth), or MAC authentication. In addition to forwarding
authentication requests to an external RADIUS server, the module can make
decisions with its internal server. In this second case, the module acts as the NAS and
as the RADIUS server.
You learned about configuring settings for an external RADIUS server in Chapter 4:
“Wireless Local Area Networks (WLANs).” In this chapter, you will learn how to
configure the module’s internal RADIUS server.
The Wireless Edge Services zl Module’s internal RADIUS server can provide the
following services:
authenticating users who attempt to connect to a wireless LAN (WLAN) that
requires authentication to a RADIUS server
responding to authentication requests from network access servers (NASs) in
the wired network
creating accounting logs of user activity on a WLAN