HP StorageWorks Enterprise File Services WAN Accelerator 2.1.7 Deployment Guide (407118 - 003, June 2006)

9 - RADIUS AND TACACS+ AUTHENTICATION
Configuring a RADIUS Server with FreeRADIUS
You can specify a different local account mapping on a per-user basis by using a
vendor-specific attribute. This section describes how to configure the FreeRADIUS
server to return an attribute that specifies the local user account as an ASCII string.
The file paths given are the default values. If the RADIUS server installation has been
customized, the paths might differ.
The directory /usr/local/share/freeradius is where the dictionary files are stored. This
is where RADIUS attributes can be defined. Assuming the vendor does not have an
established dictionary file in the FreeRADIUS distribution, you begin the process by
creating a file called: dictionary.<vendor>.
The contents of the dictionary.<vendor> file define a vendor identifier (which ought
to be the Structure of Management Information (SMI) Network Management Private
Enterprise Code of the vendor) and the definitions for any vendor-specific attributes.
In the following example, the Vendor Enterprise Number for HP EFS WAN
Accelerator is 17163 and the Enterprise Local User Name Attribute is 1. These
numbers specify that a given user is an admin or monitor user in the RADIUS server
(instead of using the HP EFS WAN Accelerator's default for users not named admin
and monitor).
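The following Python example is added here for illustration and is not part of the original guide or of HP's software. It shows how the attribute described above is carried in a RADIUS reply as a Vendor-Specific attribute (type 26, RFC 2865) and how a receiver can parse it with strict length checks. Only the numbers 17163 and 1 come from this guide; the function names and the constructed account strings are assumptions.

```python
import struct

VENDOR_SPECIFIC = 26   # RADIUS attribute type for vendor-specific data (RFC 2865)
VENDOR_ID = 17163      # Vendor Enterprise Number given in this guide
LOCAL_USER_ATTR = 1    # Enterprise Local User Name Attribute given in this guide


def encode_local_user(account):
    """Build the Vendor-Specific attribute that carries the local account name."""
    value = account.encode("ascii")  # the guide specifies an ASCII string
    sub = struct.pack("!BB", LOCAL_USER_ATTR, 2 + len(value)) + value
    total = 2 + 4 + len(sub)         # header + vendor id + vendor attribute
    if total > 255:
        raise ValueError("account name too long for one RADIUS attribute")
    return struct.pack("!BBI", VENDOR_SPECIFIC, total, VENDOR_ID) + sub


def decode_local_user(attrs):
    """Walk a reply's attribute list; return the mapped account or None.

    Only the first vendor attribute inside each Vendor-Specific attribute is
    examined. Malformed lengths and non-ASCII values raise ValueError
    (UnicodeDecodeError is a subclass) instead of being read past or guessed.
    """
    pos, found = 0, None
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = attrs[pos], attrs[pos + 1]
        if alen < 2 or pos + alen > len(attrs):
            raise ValueError("bad attribute length")
        body = attrs[pos + 2:pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(body) < 4:
            continue                 # not a usable vendor-specific attribute
        if struct.unpack("!I", body[:4])[0] != VENDOR_ID:
            continue                 # another vendor's attribute: ignore it
        if len(body) < 6:
            raise ValueError("vendor attribute header missing")
        vtype, vlen = body[4], body[5]
        if vlen < 2 or 4 + vlen > len(body):
            raise ValueError("bad vendor attribute length")
        if vtype == LOCAL_USER_ATTR:
            found = body[6:4 + vlen].decode("ascii")
    return found
```
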
These instructions assume you are running FreeRADIUS, v.1.0, which is available
from http://www.freeradius.org.
To install FreeRADIUS on a Linux computer
1. Download FreeRADIUS from http://www.freeradius.org.
2. At your system prompt, enter the following set of commands:
>tar xvzf freeradius-$VERSION.tar.gz
>cd freeradius-$VERSION
>./configure
>make
>make install #as root
To add acceptance requests on the RADIUS server
1. In a text editor, open the /usr/local/etc/raddb/clients.conf file.
2. To create the key (the shared secret) for the RADIUS server, add the following
text to the clients.conf file:
client 10.0.0.0/16 {
secret = testradius
shortname = main-network
nastype = other