HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

101

102

103

104

105

106

107

108

109

110

Sample Policy Files......................................................................................................159

The oath-request-ingress.grp Sample File....................................................................159

The oath-reply-egress.grp Sample File........................................................................159

The oath-proxy-egress.grp Sample File.......................................................................160

17 Configuring EAP-SIM and EAP-AKA Authentication Methods.......................161

EAP-SIM..............................................................................................................................161

Overview........................................................................................................................161

EAP-SIM Authentication Using HP-UX AAA Server.................................................................161

Features..........................................................................................................................163

Benefits..........................................................................................................................164

Configuring EAP SIM........................................................................................................164

EAP-SIM Client Configuration........................................................................................164

EAP-SIM User Credential Lookup Configuration...............................................................164

EAP-SIM Realm-Based Configurations.............................................................................165

Realm-Based EAP-SIM Configuration Information in authfile..........................................165

Realm-Based EAP-SIM Configuration Information in EAP.authfile....................................167

Global EAP-SIM Configuration in aaa.config..................................................................169

EAP-AKA.............................................................................................................................170

Overview........................................................................................................................170

EAP-AKA Authentication Using HP-UX AAA Server................................................................170

Features..........................................................................................................................171

Benefits..........................................................................................................................172

Configuring EAP-AKA.......................................................................................................172

EAP-AKA Client Configuration.......................................................................................172

EAP-AKA User Credential Lookup Configuration..............................................................172

EAP-AKA Realm-Based Configurations............................................................................173

Realm-Based EAP-AKA Configuration Information in authfile.........................................173

Realm-Based EAP-AKA Configuration Information in EAP.authfile...................................174

Global EAP-AKA Configuration in aaa.config.................................................................178

Fast Re-Authentication...........................................................................................................179

Configuring for Fast Re-Authentication.................................................................................179

Configuring for Fast Re-Authentication in EAP.authfile.......................................................180

Sample EAP.authfile Configuration for Fast Re-authentication........................................181

Configuring for Fast Re-Authentication in aaa.config File..................................................181

Sample aaa.config Configuration for Fast Re-authentication.........................................182

Guidelines to Write EAP-SIM and EAP-AKA Fast Re-Authentication Database AATVs.................182

Fast Re-Authentication Database Update AATV...............................................................183

Update AATV Inputs...............................................................................................183

Update AATV Outputs.............................................................................................183

AATV Functionality and Return Events........................................................................183

Fast Re-Authentication Database Lookup AATV................................................................184

Lookup AATV Inputs................................................................................................184

Lookup AATV Outputs.............................................................................................184

Lookup AATV Functionality and Return Events.............................................................185

Pseudonym Identities.............................................................................................................185

Random Pseudonyms........................................................................................................185

Algorithm-Based Pseudonyms.............................................................................................185

Configuring for Pseudonym Identity Support........................................................................187

Sample EAP.authfile Configuration for Random Pseudonym Identity Support........................188

Sample EAP.authfile Configuration for Algorithm-based Pseudonym Identity Support.............189

Sample aaa.config Configuration for Algorithm-based Pseudonym Identity Support..............190

Guidelines to Write EAP-SIM and EAP-AKA Pseudonym Database AATVs................................190

Pseudonym Database Update AATV..............................................................................191

Update AATV Inputs...............................................................................................191

110 Contents