beautypg.com

Required radius server settings, Setting up a radius server – HP Virtual Connect 8Gb 20-port Fibre Channel Module for c-Class BladeSystem User Manual

Page 75

background image

Virtual Connect users and roles 75

Field

Description

Server Timeout

The time in seconds that VCM should wait before timing out the request. If the

primary server times out and a secondary server is configured, VCM attempts the

request on the secondary server. If the secondary server times out, the request

fails. The valid range of values is from 1 to 600 seconds. The default timeout is 10
seconds.

Server Key

A shared secret text string to be used for encrypting user details. This string must

match between VCM and the RADIUS server. The secret-key is a plain text string
of 1 to 128 characters.

Add/Remove Secondary

Server

Select to add or remove a secondary RADIUS server.

To add a secondary server, select the Add/Remove Secondary Server check box to display the Secondary

Server Parameters, complete the fields as described in the table above, and then click Apply. The secondary

server is queried only if the primary server is down or the request to the primary server times out.
To remove a secondary server, clear the Add/Remove Secondary Server check box, and then click Apply.

Required RADIUS server settings

The following RADIUS server settings must be configured on VC to enable RADIUS-based authentication:

Enable or disable flag

Server Address

Server SSL port—the default (well-known) value for RADIUS authentication is 1812.

Server Timeout—the time in seconds by which a server response needs to be received before any retry
for a new request is made. The valid range of values is from 1 to 65535 seconds.

Server Key—this is a plaintext key that must be configured both on VC and on the server. Both keys
should match. The length of the secret key can vary from 1 to 128 characters.

IMPORTANT:

If the same username is used in multiple groups, the HP-VC-Groups attribute must

be the last attribute that is defined.

Setting up a RADIUS server

The following procedure provides an example of setting up a RADIUS server on an external host running
Linux:

1.

Download and install the latest version of the open-source FreeRadius server from the FreeRadius
website (

http://freeradius.org/download.html

).

2.

Add the user entry to the file freeradius-server-2.1.9/raddb/users:

Cleartext-Password := ""
Service-Type = Login-User,
HP-VC-groups =

o

"Cleartext-Password" is used to define the password.

o

"Service-Type" must be always set to "Login-User".

o

"HP-VC-Groups" is a HP-specific attribute used to define the group(s) that a user belongs to.