beautypg.com

HP StorageWorks 2.32 Edge Switch User Manual

Page 164

background image

SANtegrity Security Center

164

Figure 97

Main window with Security tab, Authentication, Radius Servers tab

A maximum of three Radius servers can be set up per switch. The device that needs to authenticate

by Radius server always display sat the top of the table. If the first device does not respond after a

certain amount of time due to connection or other configuration problems, the next device is

authenticated and so on.
The Radius servers and Sequence table includes information about the following:

The Host Name can be an IP Address.

The UDP Port displays the number that the device uses to contact the Radius server. The port

number is 1812 by default.

The Time out(sec) displays the amount of time to wait for a response from the Radius server

before retransmitting the packet. It may be 1 to 1000; the default is 2 seconds.

The Retries column specifies the number of times a packet is sent to a Radius server if a response

is not received before the timeout. After the retransmit limit is reached, the Gateway switches to

the next server. The value may be 1 to 100; the default is 3 attempts.

The Dead Time setting located below the Radius servers and Sequence table apply to all

available Radius servers. If a Radius server does not respond to an authentication request, it can

be marked as “dead” for a specified time interval. This can speed up authentication by

eliminating timeouts and retransmissions. If no alternate Radius servers are available, which

means that only one server is configured or that all servers are marked as dead, the dead time

is ignored. The dead time may be 0 to 1440 minutes; the default is 0.