beautypg.com

Radius configuration – HP VMA-series Memory Arrays User Manual

Page 193

background image

AM456-9026A

HP VMA SAN Gateway User’s Guide

193

remote-only: Only try to map a remote authenticated user if the authentication server sends a
local-user mapping attribute. If the attribute does not specify a valid local user, no further
mapping is tried.

local-only: All remote users will be mapped to the user specified by the

aaa

authorization map

default-user

command. Any vendor attributes received by an authentication

server are ignored.

show aaa

Shows the current authentication and authorization settings.

RADIUS Configuration

radius-server timeout
no radius-server timeout

Sets (or resets to the default) a global communication value for all RADIUS servers. Can be

overridden in a

radius-server host

command. The default is 3. Sets the timeout for

retransmitting a request to any RADIUS server. Range is 1-60.

radius-server retransmit
no radius-server retransmit

Sets (or resets to 0) a global communication value for all RADIUS servers. Can be overridden in a

radius-server host

command. Defaults to 1. Sets the number of times the client will attempt

to authenticate with any RADIUS server. To disable retransmissions set it to zero. Range is 0-5.

radius-server key
no radius-server key

Sets (or clears) a global communication value for all RADIUS servers. Can be overridden in a

radius-server host

command. Sets the shared secret text string used to communicate with any

RADIUS server.

radius-server host {hostname , ip-address} [auth-port ]
[timeout ] [retransmit ] [key ]
no radius-server host {hostname , ip-address} [auth-port ]

Add a RADIUS server to the set of servers used for authentication. Some of the parameters given

may override the configured global defaults for all RADIUS servers. The

auth-port

defaults to

1812 and is used for authentication requests.

The same IP address can be used in more than one

radius-server host

command as long as

the

auth-port

is different for each.

auth-port

is a UDP port number.

auth-port

must be

specified immediately after the host option (if present).

If

no radius-server host {hostname , ip-address}

is specified, all radius specific

configuration for this host is deleted.

no radius-server host {hostname , ip-address}

This manual is related to the following products:
See also other documents in the category HP Storage: