Embedded Files
How to enable RADIUS switch login authentication on an HP switch - This article provides a general overview of how to windows domain usernames and passwords to log onto your HP switch.
It assumes you have a basic knowledge of Microsofts implementation of RADIUS, Network Policy Server (NPS)
Switch configuration
Configure the radius server configuration on the switch (Configure the Microsoft NPS RADIUS server, with a matching key)
radius-server host 192.168.50.80 key reallysecretkeyPut the following configuration on the switch
aaa authentication login privilege-modeaaa authentication console login radius localaaa authentication console enable radius localaaa authentication telnet login radius localaaa authentication telnet enable radius localaaa authentication web login radius localaaa authentication web enable radius localaaa authentication ssh login radius localaaa authentication ssh enable radius localWindows NPS / RADIUS Configuration
Set up your RADIUS server to allow the auth requests
I normally create a group in Active Directory, called NetworkAdmins, and then add the users who will be maintaining the switches to that group..
Add the switch as a client to NPS - I like to prefix all my switches with SW- so that I can reference all switches when I create policies
Match the shared secret with the key you created on the switch earlier
Set up the connection request policy as follows.
Then set up the Network Policy
And then the trickery to make it work, you are returning an attribute here.
Note, you may have to change the the source IP address, so that the switch sources the RADIUS requests from the correct IP address.
How to change the source IP address on an HP Provision switch
ip source-interface radius 1.2.3.4Enjoy :)
Google Sites
Report abuse