HPE Community
Aruba & ProVision-based
1752271 Members
4658 Online
108786 Solutions
New Discussion

Re: I want to secure the radius auth request by Radius User Password or Chap Password of my own

 
abhipro
Occasional Visitor

‎09-25-2017 10:13 PM

‎09-25-2017 10:13 PM

I want to secure the radius auth request by Radius User Password or Chap Password of my own

I want to configure the HP Procurve switch with a radius user password defined by me.

Currently the default user password is alwas the mac address of the client connected to port. This is same as the User Name field in radius message. So there is no security here. 

Same goes for Chap Password as well. Its always calculated from the mac address of client connected to port or the User Name of radius packet !

Is there a way to do it !

 

0 Kudos
2 REPLIES 2
TerjeAFK
Respected Contributor

‎09-26-2017 03:19 AM

‎09-26-2017 03:19 AM

Re: I want to secure the radius auth request by Radius User Password or Chap Password of my own

Have you considered TACACS+ if you are worried about Radius security?

0 Kudos
abhipro
Occasional Visitor

‎09-26-2017 04:14 AM

‎09-26-2017 04:14 AM

Re: I want to secure the radius auth request by Radius User Password or Chap Password of my own

Thanks for replying and suggesting TACACS+

However I was looking for a way to avoid cases in radius communication where the shared secret key of the server does not match the secret configured in Procurve. In this case the server does not know that the reply it send got rejected. And we have to rely on some monitoring to ensure the configuration is proper

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.