HP-UX AAA Server A.07.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

131

132

133

134

135

136

137

138

139

140

Table of Contents

13 Securing LAN Access With EAP.............................................................................................142

Overview...........................................................................................................................142

The Secure LAN Advisor............................................................................................142

Preparing Your LAN ........................................................................................................143

Determining the EAP Authentication Method to Use......................................................144

Securing WLANs with the HP-UX AAA Server..............................................................146

Digital Certificate Administration....................................................................................147

Using the “Self-Signed” Digital Certificates................................................................147

Installing Your Own Digital Certificates and Keys.....................................................148

Installing Server Certificates and Keys..................................................................149

Installing Client Certificates and Keys...................................................................149

Defining Certificate Locations on the HP-UX AAA Server...................................149

14 Managing Sessions...............................................................................................................152

Session Logs......................................................................................................................152

Displaying Session Attributes.....................................................................................152

Stopping a Session.......................................................................................................153

Session Limits...................................................................................................................153

Setting Limits on a User-by-User Basis.......................................................................154

Setting Timeout Values..........................................................................................154

Establishing a Filter................................................................................................154

Limiting Access Points (NAS-Port, NAS-ID, Calling-Station ID, and others).......154

Denying Access (Called-Station-ID and others)....................................................155

Limiting Simultaneous Sessions............................................................................155

Setting Limits for Users on a Global Basis..................................................................156

Setting Limits for All User Profiles Grouped by Realms.......................................156

15 Assigning IP Addresses..........................................................................................................157

Assigning Static IP Addresses..........................................................................................157

To Assign a Static IP (IPv4) Address to a Profile in Flat Files.....................................157

To Assign a Static IPv6 Address to a Profile in Flat Files............................................158

To Assign Static Traditional IP (IPv4) Addresses to a User Profile in an LDAP LDIF

File...............................................................................................................................160

To Assign Static IPv6 Addresses to a User Profile in an LDAP LDIF File..................161

Assigning Dynamic IP Addresses Using DHCP..............................................................161

16 OATH Standards-Based OTP Authentication.............................................................................162

OTP and OATH Overview................................................................................................162

HP-UX AAA Server and OATH Support.........................................................................163

Components Required to Configure OTP Authentication...............................................164

Configuring OTP Authentication on the HP-UX AAA Server ........................................165

OTP Authentication Configuration Flowchart............................................................165

Basic or Typical Configuration....................................................................................167

140 Table of Contents