HP StorageWorks Fabric OS 3.X Document Addendum (AA-RW24A-TE, January 2005)

ManualsBrandsHP ManualsStorageB-series Embedded Switches

141

142

143

144

145

146

147

148

149

150

Fabric OS procedures user guide

142 Fabric OS 3.x Document Addendum

Setting Up the Switch

The following procedures show how to use the aaaconfig command to set up a single

switch for RADIUS service. You can also set up multiple switches simultaneously with the HP

Fabric Manager optional software tool.

To display the current RADIUS configuration, issue the command:

aaaConfig ”--show“

If a configuration exists, its parameters are displayed. If RADIUS service is not configured,

only the parameter heading line is displayed. Parameters are:

To add a RADIUS server to the configuration, issue the command:

aaaConfig ”--add server [-p port] [-s secret] [-t timeout] [-a]–“

Enabling and Disabling RADIUS Service:

At least one RADIUS server must be configured before you can enable RADIUS service.

To enable or disable RADIUS service, issue the command:

aaaConfig ”--radius on | off“

Specifying on enables the service; specifying off disables it.

If no RADIUS configuration exists, turning it on triggers an error message. When the

command succeeds, an event is sent to the event log, indicating that the configuration is

enabled or disabled.

Position The order in which servers are contacted to provide service

Server The server names or IP addresses

Port The server ports

Secret The shared secrets

Timeouts The length of time servers have to respond before the next server is

contacted

Authentication The type of authentication being used on servers

where:

server Is a server name or IP address. Avoid duplicating server listings

(that is, listing the same server once by name and again by IP

address). Up to five servers can be added to the configuration.

-p port Is an option; enter a server port. The default is port 1812.

-s secret Is an option; enter a shared secret. The default is sharedsecret.

Secrets can contain 8 to 40 alphanumeric characters.

-t timeout Is an option; enter the length of time (in seconds) the server has to

respond before the next server is contacted. The default is 3 seconds.

Timeout values can range from 1 to 30 seconds.

-a Is an option; specify that the PAP protocol be used instead of the

CHAP protocol for packets traveling between the switch and the

server.