Owner manual

ManualsBrandsHP ManualsStorageVMA-series Memory Arrays

191

192

193

194

195

196

197

198

199

200

AM456-9026A HP VMA SAN Gateway User’s Guide 193

• remote-only: Only try to map a remote authenticated user if the authentication server sends a

local-user mapping attribute. If the attribute does not specify a valid local user, no further

mapping is tried.

• local-only: All remote users will be mapped to the user specified by the

aaa authorization map

default-user

<user name> command. Any vendor attributes received by an authentication

server are ignored.

show aaa

Shows the current authentication and authorization settings.

RADIUS Configuration

radius-server timeout <seconds>

no radius-server timeout

Sets (or resets to the default) a global communication value for all RADIUS servers. Can be

overridden in a

radius-server host command. The default is 3. Sets the timeout for

retransmitting a request to any RADIUS server. Range is 1-60.

radius-server retransmit <retries>

no radius-server retransmit

Sets (or resets to 0) a global communication value for all RADIUS servers. Can be overridden in a

radius-server host command. Defaults to 1. Sets the number of times the client will attempt

to authenticate with any RADIUS server. To disable retransmissions set it to zero. Range is 0-5.

radius-server key <string>

no radius-server key

Sets (or clears) a global communication value for all RADIUS servers. Can be overridden in a

radius-server host command. Sets the shared secret text string used to communicate with any

RADIUS server.

radius-server host {hostname , ip-address} [auth-port <port-number>]

[timeout <seconds>] [retransmit <retries>] [key <string>]

no radius-server host {hostname , ip-address} [auth-port <port-number>]

Add a RADIUS server to the set of servers used for authentication. Some of the parameters given

may override the configured global defaults for all RADIUS servers. The

auth-port defaults to

1812 and is used for authentication requests.

The same IP address can be used in more than one

radius-server host command as long as

the

auth-port is different for each. auth-port is a UDP port number. auth-port must be

specified immediately after the host option (if present).

no radius-server host {hostname , ip-address} is specified, all radius specific

configuration for this host is deleted.

no radius-server host {hostname , ip-address}