Required radius server settings, Setting up a radius server – HP Virtual Connect 8Gb 20-port Fibre Channel Module for c-Class BladeSystem User Manual
Page 75
Virtual Connect users and roles 75
Field
Description
Server Timeout
The time in seconds that VCM should wait before timing out the request. If the
primary server times out and a secondary server is configured, VCM attempts the
request on the secondary server. If the secondary server times out, the request
fails. The valid range of values is from 1 to 600 seconds. The default timeout is 10
seconds.
Server Key
A shared secret text string to be used for encrypting user details. This string must
match between VCM and the RADIUS server. The secret-key is a plain text string
of 1 to 128 characters.
Add/Remove Secondary
Server
Select to add or remove a secondary RADIUS server.
To add a secondary server, select the Add/Remove Secondary Server check box to display the Secondary
Server Parameters, complete the fields as described in the table above, and then click Apply. The secondary
server is queried only if the primary server is down or the request to the primary server times out.
To remove a secondary server, clear the Add/Remove Secondary Server check box, and then click Apply.
Required RADIUS server settings
The following RADIUS server settings must be configured on VC to enable RADIUS-based authentication:
•
Enable or disable flag
•
Server Address
•
Server SSL port—the default (well-known) value for RADIUS authentication is 1812.
•
Server Timeout—the time in seconds by which a server response needs to be received before any retry
for a new request is made. The valid range of values is from 1 to 65535 seconds.
•
Server Key—this is a plaintext key that must be configured both on VC and on the server. Both keys
should match. The length of the secret key can vary from 1 to 128 characters.
IMPORTANT:
If the same username is used in multiple groups, the HP-VC-Groups attribute must
be the last attribute that is defined.
Setting up a RADIUS server
The following procedure provides an example of setting up a RADIUS server on an external host running
Linux:
1.
Download and install the latest version of the open-source FreeRadius server from the FreeRadius
website
2.
Add the user entry to the file freeradius-server-2.1.9/raddb/users:
Service-Type = Login-User,
HP-VC-groups =
o
"Cleartext-Password" is used to define the password.
o
"Service-Type" must be always set to "Login-User".
o
"HP-VC-Groups" is a HP-specific attribute used to define the group(s) that a user belongs to.
- Virtual Connect FlexFabric 10Gb24-port Module for c-Class BladeSystem Virtual Connect Flex-10 10Gb Ethernet Module for c-Class BladeSystem Virtual Connect 4Gb Fibre Channel Module for c-Class BladeSystem Virtual Connect FlexFabric-20.40 F8 Module for c-Class BladeSystem Virtual Connect Flex-10.10D Module for c-Class BladeSystem Virtual Connect 8Gb 24-port Fibre Channel Module for c-Class BladeSystem