beautypg.com

Adding a radius server – HP McDATA 4Gb SAN Switch for HP BladeSystem p-Class User Manual

Page 55

background image

McDATA® 4Gb SAN Switch for HP p-Class BladeSystem user guide

55

Adding a RADIUS server

A RADIUS server provides a method to centralize user and device authentication over a network.

Figure 22

RADIUS Server Information dialog—Add Server tab page

To add a RADIUS server:

1.

Select

Switch > Radius Servers in the faceplate display. The Radius Servers... option will not be

available unless the SSL service is enabled. See ”

System services

” on page 73 for information about

enabling the SSL service.

2.

Click the

Add Server tab in the Radius Server Information dialog shown in

Figure 22

.

3.

Select

Device, User, or Account for the server type.

4.

Enter the remote IP address of the server in the

IP Address field.

5.

Enter the remote UDP port number of the Authentication RADIUS Server in the

UDP Port field.

The RADIUS Accounting Server UDP port will always be the value of Device/User Authentication Server
UDP Port + 1. When enabled, the RADIUS Accounting Server audits user activity whether
UserAuthServer is enabled or not. The RADIUS Accounting Server default is False.

6.

Enter the timeout value in seconds (minimum of 1 second, maximum of 30 seconds) in the

Timeout

field. This is the number of seconds the RADIUS client will wait for a response from the RADIUS server
before retrying, or giving up on a request.

7.

Enter the number of retries in the

Retries field. This is the maximum number of times the RADIUS client

will retry a request sent to the primary RADIUS server.

8.

Select

Sign Packet to enable the switch to include a digital signature (Message-Authenticator) in all

RADIUS access request packets sent to the RADIUS server. A valid Message-Authenticator attribute will
be required in all RADIUS server responses.

9.

Enter the server secret in the

Secret field. A secret is required for all RADIUS servers. The secret is used

when generating and checking the Message-Authenticator attribute.

10.

Click

Add Server to add the server.

11.

Click

Modify Authentication Order tab, and verify that Device Authentication Order and User

Authentication Order options are set to Radius or Radius Local. See ”

Modifying RADIUS server

authentication order

” on page 58 for more information.

a. RADIUS—Only attempts to authenticate using the RADIUS server (another computer that provides

authentication).

b. RADIUS Local—Attempts to authenticate using the RADIUS server. If the switch can not contact the

RADIUS server due to a network or some other problem, the switch will authenticate using the local
password database.

12.

Click

Close to close the Radius Server Information dialog.

See also other documents in the category HP Storage: