HP Cloud Network Manager Software manual Configuring authentication servers


LEAP— Lightweight Extensible Authentication Protocol (LEAP) uses dynamic Wired Equivalent Privacy (WEP) keys for authentication between the client and authentication server.

To use the internal database of an AP for user authentication, add the names and passwords of the users to be authenticated.

HP does not recommend the use of LEAP authentication because it does not provide any resistance to network attacks.

Authentication termination on AP

Cloud Network Manager allows EAP termination for PEAP-Generic Token Card (PEAP-GTC) and Protected Extensible Authentication Protocol-Microsoft Challenge Authentication Protocol version 2 (PEAP-MSCHAPv2). PEAP-GTC termination allows authorization against an LDAP server and external RADIUS server while PEAP-MSCHAPv2 allows authorization against an external RADIUS server.

This allows the users to run PEAP-GTC termination with their username and password to a local Microsoft Active Directory server with LDAP authentication.

EAP-GTC— This EAP method permits the transfer of unencrypted usernames and passwords from client to server. EAP-GTC is mainly used for one-time token cards such as SecurID and the use of LDAP or RADIUS as the user authentication server. You can also enable caching of user credentials on the AP to an external authentication server for user data backup.

EAP-MSCHAPv2— This EAP method is widely supported by Microsoft clients. A RADIUS server must be used as the back-end authentication server.

Configuring authentication servers

This section describes the following procedures:

- Configuring an external server for authentication

- Configuring dynamic RADIUS proxy parameters

Configuring an external server for authentication

To add an external RADIUS server or LDAP server:

1. Select Wireless Configuration > Security > AUTHENTICATION SERVERS.

2. To create a new server, click New. A pane for specifying details for the new server is displayed.

3. Configure any of the following types of server:

- RADIUS Server — To configure a RADIUS server, specify the attributes described in the following table:

Table 21: RADIUS server configuration parameters

| Data pane item | Description |
|---|---|
| NAME | Enter the name of the new external RADIUS server. |
| IP ADDRESS | Enter the IP address of the external RADIUS server. |
| AUTH PORT | Enter the authorization port number of the external RADIUS server. The default port number is 1812. |
| ACCOUNTING PORT | Enter the accounting port number. This port is used for sending accounting records to the RADIUS server. The default port number is 1813. |


HP Cloud Network Manager User Guide


Cloud Network Manager Software specifications

HP Cloud Network Manager is a robust software solution designed to simplify and enhance the management of network infrastructure in cloud environments. As organizations increasingly shift toward cloud computing, they require comprehensive tools to oversee complex network deployments. HP Cloud Network Manager rises to this challenge, offering a powerful suite of features aimed at optimizing performance, automating tasks, and ensuring reliable connectivity.

One of the main features of HP Cloud Network Manager is its intuitive dashboard, which provides users with real-time insights into network operations. This centralized interface allows administrators to monitor the status of various components, identify potential issues, and respond swiftly to anomalies. With advanced analytics capabilities, the software empowers users to make data-driven decisions that enhance network efficiency.

Another critical feature of this software is its automation capabilities. HP Cloud Network Manager simplifies routine network management tasks, such as configuration, provisioning, and software updates, allowing IT teams to focus on strategic initiatives rather than mundane maintenance. Automation reduces the risk of human error and accelerates deployment times, significantly increasing operational agility.

The software also supports multi-cloud environments, enabling organizations to manage their network resources across different cloud platforms seamlessly. This flexibility is essential for businesses that utilize various cloud providers and wish to maintain a unified network strategy. Coupled with its compatibility with open standards, HP Cloud Network Manager facilitates integration with existing IT ecosystems, ensuring a smooth transition to advanced cloud solutions.

Security is a top priority in today's digital landscape, and HP Cloud Network Manager includes integrated security features to protect network assets. It provides visibility into traffic patterns, helping to detect and mitigate potential threats before they become significant issues. Enhanced security protocols ensure that sensitive data remains protected during transit and at rest, aligning with compliance requirements.

Finally, HP Cloud Network Manager is built on cutting-edge technologies, including artificial intelligence and machine learning, which enable proactive network management. These technologies predict network behavior, assisting administrators in optimizing resources and anticipating potential challenges. As a result, organizations can achieve enhanced reliability and performance from their network infrastructure.

In summary, HP Cloud Network Manager is an essential tool for businesses looking to improve their cloud network management capabilities. With its powerful features, supportive technologies, and commitment to security, it stands out as a reliable solution for navigating the complexities of modern network environments.