HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

281

282

283

284

285

286

287

288

289

290

25 Using DHCP

The HP-UX AAA server can act as a Dynamic Host Configuration Protocol (DHCP) relay to request

IP address assignments from a DCHP server. Currently, only DHCPv4 is supported. To use DHCP,

you must associate address pools with the AAA server’s incoming requests. The following are the

two methods you can use to associate address pools with incoming requests:

• Associate an address pool with specific users or specific realms

• Configure HP-UX AAA Server decision files to associate an address pool for a condition. See

Chapter 27 (page 300) for more information.

The HP-UX AAA Server can act as a relay for most DHCP servers.

Required DHCP Server Features

DHCP server has the ability to assign addresses from its IP address pools based on the User Class

or Vendor Class Identification attribute.

Recommended DHCP Server Features

• DHCP server has the ability to assign IP addresses outside the network it resides in. Many

RADIUS/DHCP deployments will require this capability.

• DHCP server has the ability to send to ports above the well-known port range (0-1023). Without

this capability the AAA server will not be able to run as a non-root process.

Defining DHCP Address Pools for Specific Users

Use the following steps to associate DHCP address pools with specific users. The procedure for

associating address pools with specific users depends on where the user profile is stored.

NOTE: The name of the pool referenced in the user profile must match the name of a pool defined

on the DHCP server.

To Associate an Address Pool with a User Profile in AAA Server Flat Files

1. On the navigation tree, select Local Realms.

The Local Realms screen is displayed.

2. Click the Users icon for the realm the user is in.

The Users screen appears.

3. Click the Edit icon next to the user you want to associate with an address pool.

The Add/Modify Users screen appears.

4. Select the Free tab on top of the Modify Users screen.

5. Enter the address pool for the user in the Reply Item field, for example:

Address-Pool=<Name-of-pool>

6. Click Modify.

To Associate an Address Pool with a User Profile in an LDAP LDIF File

1. From the command line, open the LDIF file the user profile is stored in.

2. Add the following lines to the user profile:

aaaReply: Interlink:Address-Pool=<Name-of-pool>

Required DHCP Server Features 285