Manualshelf

HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
451452453454455456457458459460
information can be used to identify the external service accessed to process the
RADIUS request.
Some external service failures do not result in the HP-UX AAA Server recording
a message in the server logfile. For example, if the HP-UX AAA Server times out
on waiting on a busy database server, it does not record an error in the logfile. No
reply is sent to the RADIUS client.
Protocol Limitations
The HP-UX AAA Server communicates with the RADIUS client using the RADIUS
protocol. The RADIUS protocol has the following limitations:
RADIUS packets are transmitted using the connectionless UDP transport protocol.
Therefore, a RADIUS request that does not reach the recipient needs to be
retransmitted by the sender. Usually, the sender retransmits the request if it times
out while waiting for the acknowledgement.
The RADIUS protocol specification allows the HP-UX AAA Server to send
Access-Accept and Access-Reject messages only, in response to an Access-Request.
The HP-UX AAA Server cannot send status information about a request to the
RADIUS client.
Messages that do not contain correct information in accordance with the RADIUS
protocol specifications will be silently discarded by the HP-UX AAA Server without
any reply or status being sent to the client
Supplicants connecting to the HP-UX AAA Server over a WLAN can use EAP protocols.
The same EAP protocols must be configured at the supplicant, access point, and HP-UX
AAA Server EAP realm configuration.
RADIUS Client and Supplicant Considerations
The HP-UX AAA Server supports several RADIUS clients, supplicants, and OTP token
generators. For a list of RADIUS clients, supplicants, and OTP token generators that
have been certified for the HP-UX AAA Server, see the HP-UX AAA Server A.08.00.01
Release Notes (T1428-90067). Consider the following:
If the RADIUS client does not receive a reply from the HP-UX AAA Server, it
behaves as if the HP-UX AAA Server is offline. It can retransmit the request after
the timeout to the same HP-UX AAA Server or a secondary HP-UX AAA Server,
based on the configuration.
Not all RADIUS clients maintain an error log.
Probable Causes for Failure 459