Linux – HP Brocade 4Gb SAN Switch for HP BladeSystem p-Class User Manual

Page 50

Configuring standard security features

25. Repeat the procedure to set the admin remote access policy, with these differences:
• In step 5, enter a policy name for the admin role (for example, HP Admin) in the space provided.
• In step 7, enter the name of the Windows group that contains login names assigned to the admin role.
• In step 20, enter admin in the Attribute Value space.

Linux

Use the following procedure on a Linux FreeRADIUS server to:
• Set up a vendor dictionary file and include it in the system dictionary file.
• Identify a switch as a RADIUS client.
• Set up user accounts and roles.
• Test the configuration.

1. Log in to the server and change directory to the RADIUS configuration file directory. Typically, this directory is located at /usr/local/etc/raddb.

2. Use a text editor to create a vendor dictionary file called dictionary.brocade and enter the following lines into the file:

    #
    # dictionary.brocade
    #
    VENDOR Brocade 1588
    #
    # attributes
    #
    ATTRIBUTE Brocade-Auth-Role 1 string Brocade

3. Save dictionary.brocade.

4. Open the system dictionary file in a text editor and add this line:

    $INCLUDE dictionary.brocade

   The dictionary file is located in the RADIUS configuration directory.

5. Save the dictionary file.

6. Open the client.config file in a text editor and add the switches that are to be configured as RADIUS clients. For example, to configure the switch at IP address 10.32.170.59 as a client:

    client 10.32.170.59
        secret = Secret
        shortname = Testing Switch
        nastype = other

   The client.config file is located in the RADIUS configuration directory.

   In this example, the switch name is Testing Switch and its shared secret is Secret. Make sure that the shared secret matches that configured on the switch (see “To add a RADIUS server to the switch configuration:” on page 52).

7. Save client.config.
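What the dictionary.brocade entries describe on the wire, as an added example that is not part of the original manual: RADIUS carries Brocade-Auth-Role inside a Vendor-Specific attribute (type 26, RFC 2865) tagged with vendor ID 1588 and vendor type 1. The function names, the sample user name and the one-byte type/length sub-attribute layout (the layout RFC 2865 recommends) are assumptions made for illustration.

```python
import struct

VENDOR_SPECIFIC = 26      # RADIUS attribute type for VSAs (RFC 2865, section 5.26)
BROCADE_VENDOR_ID = 1588  # "VENDOR Brocade 1588" in dictionary.brocade
BROCADE_AUTH_ROLE = 1     # "ATTRIBUTE Brocade-Auth-Role 1 string Brocade"


def encode_auth_role(role: str) -> bytes:
    """Build the Vendor-Specific attribute that carries Brocade-Auth-Role."""
    value = role.encode("ascii")
    if not 1 <= len(value) <= 247:  # 255 minus 6-byte outer header and 2-byte sub-header
        raise ValueError("role must be 1..247 bytes")
    sub = struct.pack("!BB", BROCADE_AUTH_ROLE, 2 + len(value)) + value
    return struct.pack("!BBI", VENDOR_SPECIFIC, 6 + len(sub), BROCADE_VENDOR_ID) + sub


def decode_auth_role(attrs: bytes):
    """Walk a run of RADIUS attributes; return the role string, or None if absent."""
    pos = 0
    while pos < len(attrs):
        if len(attrs) - pos < 2:
            raise ValueError("truncated attribute header")
        atype, alen = attrs[pos], attrs[pos + 1]
        if alen < 2 or pos + alen > len(attrs):
            raise ValueError("bad attribute length")
        body = attrs[pos + 2 : pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(body) < 4:
            continue  # not a VSA, or too short to hold a vendor ID
        if struct.unpack("!I", body[:4])[0] != BROCADE_VENDOR_ID:
            continue  # another vendor's VSA
        sub = body[4:]
        while len(sub) >= 2:
            stype, slen = sub[0], sub[1]
            if slen < 2 or slen > len(sub):
                raise ValueError("bad vendor sub-attribute length")
            if stype == BROCADE_AUTH_ROLE:
                return sub[2:slen].decode("ascii")
            sub = sub[slen:]
    return None


# Constructed sample: a User-Name attribute (type 1) followed by the role VSA.
SAMPLE = bytes([1, 8]) + b"jsmith" + encode_auth_role("admin")

if __name__ == "__main__":
    print(SAMPLE.hex(), "->", decode_auth_role(SAMPLE))
```

The decoder rejects inconsistent lengths instead of guessing, so a truncated or malformed attribute never yields a role.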