- Community Home
- >
- Servers and Operating Systems
- >
- BladeSystem
- >
- BladeSystem Virtual Connect
- >
- RADIUS Attributes for Virtual Connect
-
- Forums
-
Blogs
- Hybrid Cloud
- Edge
- Data & AI
- Working in Tech
- AI Insights
- Alliances
- Around the Storage Block
- Behind the scenes at Labs
- Careers in Tech
- HPE Storage Tech Insiders
- Inspiring Progress
- IoT at the Edge
- My Learning Certification
- OEM Solutions
- Servers: The Right Compute
- Shifting to Software-Defined
- Telecom IQ
- Transforming IT
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Russia
- HPE Blog, UK & Ireland
- Blogs
-
Quick Links
- Community
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Contact
- Email us
- Tell us what you think
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
06-04-2012 09:17 AM
06-04-2012 09:17 AM
RADIUS Attributes for Virtual Connect
Glen had a RADIUS question for Virtual Connect:
*******************
Can someone please advise the details for implementing RADIUS authorization with VC? Specifically, what is the Vendor Specific Attribute number for Virtual Connect? Is there any detailed documentation for implementing RADIUS with VC (other than the VC User Guide)?
*************
Info from Pallavi:
********************
Below are the steps to configure RADIUS on VC. You can refer the attachment for some more details on the RADIUS implementation in VC.
Hope this is useful.
Configuring RADIUS authentication on VC
To configure RADIUS on VC, do the following using the VCM GUI or CLI:
Configuring RADIUS using VCM GUI
- Login to the VCM GUI as Administrator.
- Turn RADIUS authentication on, and then configure the RADIUS server.
- Configure the RADIUS Server key.
- If desired, the default UDP port number used to listen to RADIUS can be changed. The well-known port for RADIUS is 1812. Two devices exchanging RADIUS packets must use the same port numbers.
- Configure the timeout period for contacting the RADIUS server.
- Optionally configure the secondary server, if needed.
- Apply and save the configuration.
Configuring RADIUS using VCM CLI
- Login to the VCM CLI as a non–RADIUS user with domain privilege.
- Run the following command to set the TACACS configuration parameters:
a) Configure primary server
-> set radius Enabled=true ServerAddress=<primary server address> Port=1812 ServerKey=<shared-secret server key-as-configured-on-primary-server> Timeout=<no. of seconds>
Example:
-> set radius Enabled=true ServerAddress=10.10.10.113 Port=1812 ServerKey=testing123 Timeout=4
b) Configure secondary server (optional)
-> set radius SecondaryServerAddress=<secondary server address> SecondaryPort=1812 SecondaryServerKey=<shared-secret server key-as-configured-on-secondary-server> SecondaryTimeout=<no. of seconds>
Example:
-> set radius SecondaryServerAddress=10.10.10.115 SecondaryPort=1812 SecondaryServerKey=testing456 Timeout=3
NOTE: Primary and secondary servers can be configured in one command.
- Verify the RADIUS configuration parameters set as shown below:
-> show radius
Enabled : true
ServerAddress : 10.10.10.113
Port : 1812
Timeout : 4
SecondaryServerAddress : 10.10.10.115
SecondaryPort : 1812
SecondaryTimeout : 4
NOTE: Server keys will not be displayed in the CLI output given above.
- If you have logged in using VCM CLI, run the following command to add a RADIUS group. The group-name must match a group configured on the RADIUS server for the relevant user:
-> add radius-group <group-name> privileges=...
Eg: -> add radius-group test privileges=network,storage
- Verify the RADIUS group configuration as shown below:
->show radius-group
==================================
Name Privileges Description
==================================
test network -- --
storage
----------------------------------
Let me know if you need any more information.
***************
Comments or questions?
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2019 Hewlett Packard Enterprise Development LP