HP StorageWorks 1606 Brocade Web Tools Administrator's Guide v6.3.0 (53-100134 - Page 282
RADIUS service management
View all HP StorageWorks 1606 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 282 highlights
17 RADIUS service management 4. Select a permission for the host from the Access Control List menu. Options are Read Only and Read Write. 5. Click Apply. NOTE The port number is not included. RADIUS service management Fabric OS supports RADIUS authentication, authorization, and accounting service (AAA). When configured for RADIUS, the switch becomes a Network Access Server (NAS) that acts as a RADIUS client. In this configuration, authentication records are stored in the RADIUS host server database. Login and logout account name, assigned role, and time accounting records are also stored on the RADIUS server. You should set up RADIUS service through a secure connection such as SSH. The following are the three choices in the drop-down menu when RADIUS is selected as the primary service: • Switch Database when RADIUS Authentication Fails-When selected, the switch user login database is checked whenever RADIUS authentication fails. • Switch Database When RADIUS Times Out-Switch user login database is checked only if the physical connection to the RADIUS server fails. • None-Switch user login database is never checked. Only a RADIUS server can be used for authentication. FIGURE 131 Choices in the Secondary AAA Service drop-down menu If the switch database is selected as primary, there is no secondary option. The RADIUS server cannot be configured as a backup for the switch user login database. When the primary AAA service is RADIUS you can enable the secondary service which offers three choices: • None • Switch Database when RADUIS authorization fails • Switch Database when RADIUS times out When RADIUS login fails, even though RADIUS server is available, the additional service allows you the option to use the Switch Database as backup authentication service when the RADIUS server is not available. Alternatively, you can have no secondary AAA service, which means that only the primary service is used for authentication. Use the AAA Service tab of the Switch Administration window to manage the RADIUS service (Figure 132). 250 Web Tools Administrator's Guide 53-1001343-01