HP (Hewlett-Packard) 700wl Series Switch User Manual


 
Configuring Authentication
<value><string>Monday:Wednesday:Friday</string></value>
</member>
<member><name>startDate</name>
<value><string>2002-04-01</string></value>
</member>
<member><name>stopDate</name>
<value><string>2002-05-31</string></value>
</member>
</struct></value>
</data>
</array></value>
</member>
</struct></value>
</data>
</array></value>
</member>
<member><name>hashed_string</name>
<value><string> </string></value>
</member>
</struct></value>
</param>
</params>
</methodResponse>
NT Domain Logon
NT Domain logon requires that the 700wl Series system be able to monitor (or “sniff”) packets going
between an unauthenticated client (or reauthenticating client) and the network. When the 700wl Series
system detects that a successful authentication has occurred, it then provides access rights based on the
Access Policy associated with the Connection Profile and Identity Profile that apply to that client.
NT Domain logon does not require configuration as an Authentication Service within the 700wl Series
system. You simply need to include it as a selected service in the appropriate Authentication Policy.
However, there are a number of considerations when using NT Domain Logon for authentication.
NT Domain logon does not work with clients whose IP addresses are NAT’ed. If you plan to use NT
Domain Logon, the following conditions apply:
- You must have an external DHCP server available to provide real IP addresses for your clients. See
  “Network Communication—the Basic Setup Tab” on page 6-19 for more information.
- Access Policies associated with those clients must specify the Network Address Translation setting of
  When Necessary (see “Creating or Editing an Access Policy” on page 4-43 for more information).
In Access Policies associated both with unknown and authenticated clients that use NT Domain logon,
the appropriate Allowed Traffic filters must be enabled, depending on the type of traffic used for the
organization’s Microsoft Domain implementation:
- The Kerberos Allowed Traffic filter
- The SMB Allowed Traffic filters (SMB 137, SMB 138, and SMB 139)
- An Allowed Traffic filter to allow (dst port 389) for LDAP.
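A pre-deployment check for the conditions above, as an added example that is not taken from the HP guide: it audits each Access Policy for the NAT setting and for enabled Kerberos, SMB and LDAP filters. The policy dictionary layout, the sample policies, the filter expressions other than (dst port 389), and port 88 for the predefined Kerberos filter are assumptions.

```python
import re

# Destination ports NT Domain logon needs, from the filters the guide lists.
# Port 88 is the standard Kerberos assignment (an assumption about what the
# predefined Kerberos filter matches).
REQUIRED_PORTS = {88: "Kerberos", 137: "SMB 137", 138: "SMB 138",
                  139: "SMB 139", 389: "LDAP"}

# Recognizes simple "dst port N" terms only; negated terms are not handled.
DST_PORT = re.compile(r"\bdst\s+port\s+(\d+)\b")


def allowed_dst_ports(filters):
    """Collect every port named by a 'dst port N' term in enabled filters."""
    ports = set()
    for f in filters:
        if f.get("enabled"):
            ports.update(int(p) for p in DST_PORT.findall(f["expr"]))
    return ports


def audit_policy(policy):
    """Return a list of findings; an empty list means the policy is ready."""
    findings = []
    if policy["nat"] != "When Necessary":
        findings.append(f"NAT is '{policy['nat']}', must be 'When Necessary'")
    missing = REQUIRED_PORTS.keys() - allowed_dst_ports(policy["filters"])
    for port in sorted(missing):
        findings.append(f"no enabled filter for {REQUIRED_PORTS[port]} (dst port {port})")
    return findings


# Constructed sample policies (hypothetical export format, not the 700wl's own).
POLICIES = {
    "Unauthenticated": {"nat": "When Necessary", "filters": [
        {"expr": "dst port 88", "enabled": True},
        {"expr": "dst port 137", "enabled": True},
        {"expr": "dst port 138", "enabled": True},
        {"expr": "dst port 139", "enabled": True},
        {"expr": "dst port 389", "enabled": True}]},
    "Authenticated": {"nat": "Always", "filters": [
        {"expr": "dst port 88", "enabled": True},
        {"expr": "dst port 137 or dst port 138 or dst port 139", "enabled": True},
        {"expr": "dst port 389", "enabled": False}]},
}

if __name__ == "__main__":
    for name, policy in POLICIES.items():
        for finding in audit_policy(policy) or ["ready for NT Domain logon"]:
            print(f"{name}: {finding}")
```

The constructed Authenticated policy fails on two counts (NAT setting and a disabled LDAP filter), which is the case where clients pass the initial logon under the unknown-client policy but lose domain traffic once their authenticated policy applies.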
The Kerberos and SMB Allowed Traffic filters are predefined, and are enabled in the
Unauthenticated Access Policy, which is the default policy for unknown clients. These must be
HP ProCurve Secure Access 700wl Series Management and Configuration Guide 5-27