Manualshelf

User's Manual

ManualsBrandsHP ManualsSoftwareHP Cloud Network Manager Software Series
51525354555657585960
ensure that the RADIUS traffic is routed to the required RADIUS server, enable the dynamic RADIUS proxy
feature.
For the AP clients to authenticate to the RADIUS servers through a different IP address and VLAN, ensure that the
following steps are completed:
1. Enable dynamic RADIUSproxy.
2. Configure dynamic RADIUSproxy IP, VLAN. netmask, gateway for each authentication server.
3. Associate the authentication servers to SSID or a wired profile to which the clients connect.
After completing the above steps, you can authenticate the SSID users against the configured dynamic
RADIUSproxy parameters.
Enabling dynamic RADIUS proxy
To enable RADIUS RADIUS proxy:
1. Select Wireless Configuration > System. The System data pane is displayed.
2. In GENERAL, select Enabled from DYNAMIC RADIUS PROXY.
3. Click Save Settings.
When dynamic RADIUS proxy is enabled, ensure that a static VC IP is configured. For more information on configuring
VC IP address, see Configuring VC IP address on page 32.
When dynamic RADIUS proxy is enabled, the VC network uses the IP Address of the VC for communication with
external RADIUS servers. Ensure that the VC IP Address is set as a NAS IP when configuring RADIUS server attributes
with dynamic RADIUS proxy enabled. For more information on configuring RADIUS server attributes, see Configuring
an external server for authentication on page 49.
Configuring dynamic RADIUS proxy parameters for authentication servers
To configure DRP parameters for the authentication server:
1. Select Wireless Configuration > Security > AUTHENTICATION SERVERS.
2. To create a new server, click New and configure the required RADIUSserver parameters as described in Table
21.
3. Ensure that the following dynamic RADIUS proxy parameters are configured:
l DRP IP IP address to be used as source IP for RADIUS packets
l DRP MASKSubnet mask of the DRP IP address.
l DRP VLAN—VLAN in which the RADIUS packets are sent.
l DRP GATEWAYGateway IP address of the DRP VLAN.
4. Click Save Server.
Configuring 802.1X authentication for a network profile
The Cloud Network Manager network supports internal RADIUS server and external RADIUS server for 802.1X
authentication.
The steps involved in 802.1X authentication are as follows:
1. The NAS requests authentication credentials from a wireless client.
2. The wireless client sends authentication credentials to the NAS.
3. The NAS sends these credentials to a RADIUS server.
HP Cloud Network Manager | User Guide Wireless configuration | 52