HP (Hewlett-Packard) 2626 (J4900A/B) Switch User Manual


 
5-7
RADIUS Authentication and Accounting
Configuring the Switch for RADIUS Authentication
Outline of the Steps for Configuring RADIUS
Authentication
There are three main steps to configuring RADIUS authentication:
1. Configure RADIUS authentication for controlling access through one or
more of the following
Serial port
•Telnet
•SSH
Web browser interface (2600, 2600-PWR, and 2800 switches running
software releases H.08.58 and I.08.60 or greater)
Port-Access (802.1X)
2. Configure the switch for accessing one or more RADIUS servers (one
primary server and up to two backup servers):
Note This step assumes you have already configured the RADIUS server(s) to
support the switch. Refer to the documentation provided with the
RADIUS server documentation.)
Server IP address
(Optional) UDP destination port for authentication requests (default:
1812; recommended)
(Optional) UDP destination port for accounting requests (default:
1813; recommended)
(Optional) encryption key for use during authentication sessions with
a RADIUS server. This key overrides the global encryption key you
can also configure on the switch, and must match the encryption key
used on the specified RADIUS server. (Default: null)
3. Configure the global RADIUS parameters.
Server Key: This key must match the encryption key used on the
RADIUS servers the switch contacts for authentication and account-
ing services unless you configure one or more per-server keys.
(Default: null.)
Timeout Period: The timeout period the switch waits for a RADIUS
server to reply. (Default: 5 seconds; range: 1 to 15 seconds.)
Retransmit Attempts: The number of retries when there is no server
response to a RADIUS authentication request. (Default: 3; range of 1
to 5.)