HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

Time-Based Values..................................................................................................103

Client A-V Pairs......................................................................................................103

User Entry A-V Pairs................................................................................................103

Session Tracking.....................................................................................................103

Writing Livingston CDR Accounting Records....................................................................104

Livingston CDR Session Record Format.......................................................................104

Changing the Accounting Log Filename.........................................................................105

Changing the Accounting Log Rollover Interval................................................................105

Rolling Over the Log File and Accounting Stream and Setting the Log Level.........................105

III Advanced Configuration Information........................................................107

13 Securing LAN Access With EAP..........................................................112

Overview........................................................................................................................112

The Secure LAN Advisor..............................................................................................112

Preparing Your LAN ........................................................................................................113

Determining the EAP Authentication Method to Use..............................................................113

Securing WLANs with the HP-UX AAA Server......................................................................115

Digital Certificate Administration........................................................................................115

Using the “Self-Signed” Digital Certificates.....................................................................116

Installing Your Own Digital Certificates and Keys.............................................................116

Installing Server Certificates and Keys.......................................................................117

Installing Client Certificates and Keys........................................................................117

Defining Certificate Locations on the HP-UX AAA Server..............................................117

14 Managing Sessions...........................................................................119

Session Logs....................................................................................................................119

Displaying Session Attributes........................................................................................119

Stopping a Session......................................................................................................120

Session Limits..................................................................................................................120

Setting Limits on a User-by-User Basis.............................................................................120

Setting Timeout Values............................................................................................120

Establishing a Filter.................................................................................................120

Limiting Access Points (NAS-Port, NAS-ID, Calling-Station ID, and others).......................121

Denying Access (Called-Station-ID and others)............................................................121

Limiting Simultaneous Sessions.................................................................................121

Setting Limits for Users on a Global Basis.......................................................................122

Setting Limits for All User Profiles Grouped by Realms..................................................122

15 Assigning IP Addresses......................................................................123

Assigning Static IP Addresses............................................................................................123

To Assign a Static IP (IPv4) Address to a Profile in Flat Files...............................................123

To Assign a Static IPv6 Address to a Profile in Flat Files....................................................124

To Assign Static Traditional IP (IPv4) Addresses to a User Profile in an LDAP LDIF File...........125

To Assign Static IPv6 Addresses to a User Profile in an LDAP LDIF File................................125

Assigning Dynamic IP Addresses Using DHCP.....................................................................126

16 OATH Standards-Based OTP Authentication..........................................127

OTP and OATH Overview.................................................................................................127

HP-UX AAA Server and OATH Support...............................................................................128

Supported OTP Functions for RADIUS Standard Password (PAP) and MS-CHAP v2....................129

Components Required to Configure OTP Authentication.........................................................130

Configuring OTP Authentication on the HP-UX AAA Server ...................................................130

OTP Authentication Configuration Flowchart...................................................................130

Basic or Typical Configuration.......................................................................................133

Advanced Configuration..............................................................................................134

Advanced OTP Authentication Configuration Concepts................................................134

6 Contents