Manualshelf

HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
12345678910
13 Securing LAN Access With EAP........................................................................................154
Overview.....................................................................................................................154
The Secure LAN Advisor.......................................................................................154
Preparing Your LAN ...................................................................................................155
Determining the EAP Authentication Method to Use................................................156
Securing WLANs with the HP-UX AAA Server.........................................................159
Digital Certificate Administration...............................................................................159
Using the “Self-Signed” Digital Certificates..........................................................160
Installing Your Own Digital Certificates and Keys................................................161
Installing Server Certificates and Keys.............................................................161
Installing Client Certificates and Keys.............................................................162
Defining Certificate Locations on the HP-UX AAA Server..............................162
14 Managing Sessions.........................................................................................................164
Session Logs.................................................................................................................164
Displaying Session Attributes................................................................................164
Stopping a Session..................................................................................................165
Session Limits..............................................................................................................165
Setting Limits on a User-by-User Basis..................................................................166
Setting Timeout Values.....................................................................................166
Establishing a Filter...........................................................................................166
Limiting Access Points (NAS-Port, NAS-ID, Calling-Station ID, and
others)...............................................................................................................166
Denying Access (Called-Station-ID and others)...............................................167
Limiting Simultaneous Sessions.......................................................................167
Setting Limits for Users on a Global Basis.............................................................168
Setting Limits for All User Profiles Grouped by Realms.................................168
15 Assigning IP Addresses....................................................................................................169
Assigning Static IP Addresses.....................................................................................169
To Assign a Static IP (IPv4) Address to a Profile in Flat Files................................169
To Assign a Static IPv6 Address to a Profile in Flat Files......................................170
To Assign Static Traditional IP (IPv4) Addresses to a User Profile in an LDAP
LDIF File.................................................................................................................172
To Assign Static IPv6 Addresses to a User Profile in an LDAP LDIF File.............173
Assigning Dynamic IP Addresses Using DHCP.........................................................173
16 OATH Standards-Based OTP Authentication.......................................................................174
OTP and OATH Overview..........................................................................................174
HP-UX AAA Server and OATH Support....................................................................175
Supported OTP Functions for RADIUS Standard Password (PAP) and MS-CHAP
v2.................................................................................................................................177
Components Required to Configure OTP Authentication..........................................178
Configuring OTP Authentication on the HP-UX AAA Server ..................................178
OTP Authentication Configuration Flowchart......................................................179
Basic or Typical Configuration...............................................................................182
Table of Contents 7