Manualshelf

HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
81828384858687888990
Forwarding Authentication Requests to a Remote Server
To forward authentication requests to a remove server, complete the following steps:
1. Follow the steps listed in “Creating or Modifying a Proxy” (page 82).
2. In the Realms to Forward field, select the Add Realms option.
3. Complete the Proxy Realm screen that appears by entering the name of the realm.
4. Select Yes if accounting requests are not to be forwarded to the proxy server.
5. On the Proxy Realm screen, click Save.
6. Repeat steps 2 to 4 for each realm that must be forwarded to the remote server. To remove a
realm that has been added, select the realm name from the Realms to forward drop-down list
and click Delete.
7. Complete the remaining fields if necessary.
8. Click Create.
9. From the navigation tree, click Save Configuration.
10. On the Save Configuration screen that appears, click Save.
CAUTION: Clicking Save saves the entire server configuration (access devices, proxies,
local realms, users, and server properties) to the servers you specify.
NOTE: By default, accounting requests originating from the realm are also forwarded to the
remote server.
Changing RADIUS Port Numbers
If a remote server is listening for authentication or accounting requests on ports that are not the
RADIUS defaults, you must configure the local server to forward messages to the correct port. The
current RADIUS default ports are 1812 and 1813. For Dynamic Authorization, the default port is
3799. Many older RADIUS servers listen for requests on ports 1645 and 1646.
Forwarding Requests to Alternate RADIUS Ports
Complete the following steps to forward requests to alternate RADIUS ports:
1. If you have not already configured the remote server, complete the steps listed in “Creating
or Modifying a Proxy” (page 82). If the proxy configuration already exists, access it from the
proxy screen.
2. In the Authentication relay port and Accounting relay port fields of the Proxy attributes screen,
specify the alternate ports.
3. Click Create.
4. From the navigation tree, click Save Configuration.
CAUTION: Clicking Save Configuration saves the entire server configuration (access devices,
proxies, local realms, users, and server properties) to the servers you specify.
Forwarding Accounting Requests
The HP-UX AAA Server forwards accounting start and stop messages to the remote proxy server.
The server can be configured to suppress forwarding of accounting start and stop messages by
local session logging. Table 19 lists the account message logging combinations that are possible.
Changing RADIUS Port Numbers 85