HP 2600 Series User Manual

5-7

RADIUS Authentication and Accounting

Configuring the Switch for RADIUS Authentication

Outline of the Steps for Configuring RADIUS
Authentication

There are three main steps to configuring RADIUS authentication:

1.

Configure RADIUS authentication for controlling access through one or
more of the following

•

Serial port

•

Telnet

•

SSH

•

Web browser interface (2600, 2600-PWR, and 2800 switches running
software releases H.08.58 and I.08.60 or greater)

•

Port-Access (802.1X)

2.

Configure the switch for accessing one or more RADIUS servers (one
primary server and up to two backup servers):

N o t e

This step assumes you have already configured the RADIUS server(s) to
support the switch. Refer to the documentation provided with the
RADIUS server documentation.)

•

Server IP address

•

(Optional) UDP destination port for authentication requests (default:
1812; recommended)

•

(Optional) UDP destination port for accounting requests (default:
1813; recommended)

•

(Optional) encryption key for use during authentication sessions with
a RADIUS server. This key overrides the global encryption key you
can also configure on the switch, and must match the encryption key
used on the specified RADIUS server. (Default: null)

3.

Configure the global RADIUS parameters.

•

Server Key:

This key must match the encryption key used on the

RADIUS servers the switch contacts for authentication and account-
ing services unless you configure one or more per-server keys.
(Default: null.)

•

Timeout Period:

The timeout period the switch waits for a RADIUS

server to reply. (Default: 5 seconds; range: 1 to 15 seconds.)

•

Retransmit Attempts:

The number of retries when there is no server

response to a RADIUS authentication request. (Default: 3; range of 1
to 5.)