HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 178
Caution, local, authorized, < enable | login >, peap-mschapv2, chap-radius
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 178 highlights
Caution RADIUS Authentication, Authorization, and Accounting Configuring the Switch for RADIUS Authentication ure local for the secondary method. This prevents the possibility of being completely locked out of the switch in the event that all primary access methods fail. Syntax: aaa authentication < console | telnet | ssh | web | < enable | login > web-based | mac-based > Configures RADIUS as the primary password authentication method for console, Telnet, SSH, and/or the web browser interface. (The default primary < enable | login > authentication is local.) [< local | none | authorized >] Provides options for secondary authentication (default: none). Note that for console access, secondary authentication must be local if primary access is not local. This prevents you from being locked out of the switch in the event of a failure in other access methods. : Password authentication for web-based or mac-based port access to the switch. Use peap-mschapv2 when you want password verification without requiring access to a plain text password; it is more secure. Default: chap-radius [none | authorized]: Provides options for secondary authentication. The none option specifies that a backup authentication method is not used. The authorized option allows access without authentication. (default: none). In certain situations, RADIUS servers can become isolated from the network. Users are not able to access the network resources configured with RADIUS access protection and are rejected. To address this situation, configuring the authorized secondary authentication method allows users unconditional access to the network when the primary authentication method fails because the RADIUS servers are unreachable. Configuring authorized as the secondary authentication method used when there is a failure accessing the RADIUS servers allows clients to access the network unconditionally. Use this method with care. 5-11