HP-UX AAA Server A.07.01 Administrator's Guide
Securing WLANs with the HP-UX AAA Server.........................................................146
Digital Certificate Administration...............................................................................147
Using the “Self-Signed” Digital Certificates..........................................................147
Installing Your Own Digital Certificates and Keys................................................148
Installing Server Certificates and Keys.............................................................149
Installing Client Certificates and Keys.............................................................149
Defining Certificate Locations on the HP-UX AAA Server..............................149
14 Managing Sessions.........................................................................................................152
Session Logs.................................................................................................................152
Displaying Session Attributes................................................................................152
Stopping a Session..................................................................................................153
Session Limits..............................................................................................................153
Setting Limits on a User-by-User Basis..................................................................154
Setting Timeout Values.....................................................................................154
Establishing a Filter...........................................................................................154
Limiting Access Points (NAS-Port, NAS-ID, Calling-Station ID, and
others)...............................................................................................................154
Denying Access (Called-Station-ID and others)...............................................155
Limiting Simultaneous Sessions.......................................................................155
Setting Limits for Users on a Global Basis.............................................................156
Setting Limits for All User Profiles Grouped by Realms.................................156
15 Assigning IP Addresses....................................................................................................157
Assigning Static IP Addresses.....................................................................................157
To Assign a Static IP (IPv4) Address to a Profile in Flat Files................................157
To Assign a Static IPv6 Address to a Profile in Flat Files......................................158
To Assign Static Traditional IP (IPv4) Addresses to a User Profile in an LDAP
LDIF File.................................................................................................................160
To Assign Static IPv6 Addresses to a User Profile in an LDAP LDIF File.............161
Assigning Dynamic IP Addresses Using DHCP.........................................................161
16 OATH Standards-Based OTP Authentication.......................................................................162
OTP and OATH Overview..........................................................................................162
HP-UX AAA Server and OATH Support....................................................................163
Components Required to Configure OTP Authentication..........................................164
Configuring OTP Authentication on the HP-UX AAA Server ..................................165
OTP Authentication Configuration Flowchart......................................................165
Basic or Typical Configuration...............................................................................167
Advanced Configuration........................................................................................168
Advanced OTP Authentication Configuration Concepts.................................169
Attributes for Configuring OTP Authentication.........................................172
Advanced Deployment Scenarios.....................................................................177
Validating OTP Alone..................................................................................178
Configuring Two-Factor Authentication.....................................................180
OTP or Password Validation at External RADIUS Server...........................187
Table of Contents 7