HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

101

102

103

104

105

106

107

108

109

110

Sample Policy Files......................................................................................................158

The oath-request-ingress.grp Sample File....................................................................158

The oath-reply-egress.grp Sample File........................................................................158

The oath-proxy-egress.grp Sample File.......................................................................159

17 Configuring EAP-SIM and EAP-AKA Authentication Methods.......................160

EAP-SIM..............................................................................................................................160

Overview........................................................................................................................160

EAP-SIM Authentication Using HP-UX AAA Server.................................................................160

Features..........................................................................................................................162

Benefits..........................................................................................................................163

Configuring EAP SIM........................................................................................................163

EAP-SIM Client Configuration........................................................................................163

EAP-SIM User Credential Lookup Configuration...............................................................163

EAP-SIM Realm-Based Configurations.............................................................................164

Realm-Based EAP-SIM Configuration Information in authfile..........................................164

Realm-Based EAP-SIM Configuration Information in EAP.authfile....................................166

Global EAP-SIM Configuration in aaa.config..................................................................168

EAP-AKA.............................................................................................................................169

Overview........................................................................................................................169

EAP-AKA Authentication Using HP-UX AAA Server................................................................169

Features..........................................................................................................................170

Benefits..........................................................................................................................171

Configuring EAP-AKA.......................................................................................................171

EAP-AKA Client Configuration.......................................................................................171

EAP-AKA User Credential Lookup Configuration..............................................................171

EAP-AKA Realm-Based Configurations............................................................................172

Realm-Based EAP-AKA Configuration Information in authfile.........................................172

Realm-Based EAP-AKA Configuration Information in EAP.authfile...................................173

Global EAP-AKA Configuration in aaa.config.................................................................177

Fast Re-Authentication...........................................................................................................178

Configuring for Fast Re-Authentication.................................................................................178

Configuring for Fast Re-Authentication in EAP.authfile.......................................................179

Sample EAP.authfile Configuration for Fast Re-authentication........................................180

Configuring for Fast Re-Authentication in aaa.config File..................................................180

Sample aaa.config Configuration for Fast Re-authentication.........................................181

Guidelines to Write EAP-SIM and EAP-AKA Fast Re-Authentication Database AATVs.................181

Fast Re-Authentication Database Update AATV...............................................................182

Update AATV Inputs...............................................................................................182

Update AATV Outputs.............................................................................................182

AATV Functionality and Return Events........................................................................182

Fast Re-Authentication Database Lookup AATV................................................................183

Lookup AATV Inputs................................................................................................183

Lookup AATV Outputs.............................................................................................183

Lookup AATV Functionality and Return Events.............................................................184

Pseudonym Identities.............................................................................................................184

Random Pseudonyms........................................................................................................184

Algorithm-Based Pseudonyms.............................................................................................184

Configuring for Pseudonym Identity Support........................................................................186

Sample EAP.authfile Configuration for Random Pseudonym Identity Support........................187

Sample EAP.authfile Configuration for Algorithm-based Pseudonym Identity Support.............188

Sample aaa.config Configuration for Algorithm-based Pseudonym Identity Support..............189

Guidelines to Write EAP-SIM and EAP-AKA Pseudonym Database AATVs................................189

Pseudonym Database Update AATV..............................................................................190

Update AATV Inputs...............................................................................................190

Contents 109