Manualshelf

HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
201202203204205206207208209210
Then…If you have configured
Replace <realm> with the inner realm name
configured in step 1 using the following syntax:
Tunneled realms with the same inner and outer
realms for EAP authentication
PEAP (EAP-GTC):
<realm>/peap
Or
TTLS (PAP):
<realm>/ttls
6. Reload the configuration changes by selecting Reload from the Administration
screen of the Server Manager. If the server is not running, start the HP-UX AAA
Server to read the configuration.
7. Configure the proxy target server for OTP validation as follows:
If the target proxy server is an HP-UX AAA Server:
1. Configure the proxy server as a client using the same shared secret of the
proxy server. For more information, see “Configuring RADIUS Clients
Using the Access Devices Screen” (page 96).
2. Configure the proxy target server to validate OTP. For more information,
see “Validating OTP Alone” (page 195).
IMPORTANT: While specifying the realm in the remote servers
request-ingress.grp file always use the following syntax:
if ((count (User-Name) > 0) && (substr (User-Name after
"@") = "<realm>"))
{
insert Otp-ActionId = 16
exit "ACK"
}
If you have configured tunneled realms with different inner and outer
realms for EAP authentication, then replace the <realm> variable with
the inner realm name.
If the target proxy server is not an HP-UX AAA Server, see the documentation
of the target RADIUS server to configure OTP authentication.
NOTE: While configuring the proxy target server you must configure it using
the realm name that you have configured in Step 1.
The HP-UX AAA Server is now configured for validating password on the local server
and forwarding the OTP to another RADIUS server for validation.
208 OATH Standards-Based OTP Authentication