HP Enterprise File Services WAN Accelerator manual Radius and TACACS+ Authentication

Page 103

CHAPTER 9 RADIUS and TACACS+

Authentication

In This Chapter

This chapter describes how to configure Remote Authentication Dial-In User Service

 

(RADIUS) or Terminal Access Controller Access Control System (TACACS+)

 

authentication for the HP EFS WAN Accelerator. It contains the following sections:

 

‹ “Introduction to Authentication,” next

 

‹ “Configuring a RADIUS Server with FreeRADIUS” on page 98

 

‹ “Configuring a TACACS+ Server with Free TACACS+” on page 100

 

‹ “Configuring RADIUS Authentication in the HP EFS WAN Accelerator” on

 

page 101

 

‹ “Configuring TACACS+ Authentication in the HP EFS WAN Accelerator” on

 

page 103

Introduction to Authentication

The HP EFS WAN Accelerator can use a RADIUS or TACACS+ authentication system for logging in administrative and monitor users. The following methods for user authentication are provided with the HP EFS WAN Accelerator:

‹local

‹radius

‹tacacs+

The order in which authentication is attempted is based on the order specified in the Authentication, Authorization, Accounting (AAA) method list. The local value must always be specified in the method list.

The authentication methods list provides backup methods if a method fails to authenticate a user. Failure is defined as no response for the method. If a deny is received from the method being tried, no other methods are attempted.

The HP EFS WAN Accelerator does not have the ability to set a per interface authentication policy. The same authentication method list is used for all interfaces (that is, default). You cannot configure authentication methods with subsets of the RADIUS or TACACS+ servers specified (that is, there are no server groups).

9 - RADIUS AND TACACS+

AUTHENTICATION

HP STORAGEWORKS ENTERPRISE FILE SERVICES WAN ACCELERATOR 2.1.5 DEPLOYMENT GUIDE

97

Image 103
Contents 407118-001 HP StorageWorks Enterprise File Services WAN AcceleratorLegal and notice information Contents Chapter Wccp Deployments Policy-Based Routing DeploymentsGlossary 113 Index 117 Proxy File Service DeploymentsRadius and TACACS+ Authentication Serial Cluster and Cascade Deployments 107About This Guide IntroductionOrganization of This Guide Boldface Document ConventionsEthernet Network Compatibility Hardware and Software DependenciesAntivirus Compatibility Additional Resources Related Reading HP Storage Web Site Contacting HPIntroduction Introduction to the HP EFS WAN Accelerator Designing an HP EFS WAN Accelerator DeploymentVirtual Window Expansion Transaction AccelerationTransaction Prediction Design and Deployment OverviewDesigning AN HP EFS WAN Accelerator Deployment Definition of Terms Bypass ModeFailover Mode Designing AN HP EFS WAN Accelerator Designing AN HP EFS WAN Accelerator Deployment ‹ In-Path,Server-Side, One to One Deployment on In-Path DeploymentsIn-Path, Failover Support Deployment Introduction to Physical In-Path DeploymentsBasic Steps Client-Side Setup Advanced Networking Failover Settings Basic Steps Server-Side In-Path, Two Routing Points DeploymentBasic Steps Client-Side Basic Steps Server-Side In-Path, Server-Side DeploymentIn-Path, Server-Side Deployment In-Path, Server-Side, One to One DeploymentFollowing figure illustrates the server-side of the network Setup Advanced Networking Failover Settings Introduction to Virtual In-Path Deployments Virtual In-Path Network DeploymentsIn-Path, Load Balanced, Layer-4 Switch In-Path, Load-Balanced, Layer-4 Switch Deployment Setup Optimization Service General Settings Introduction to Out-of-Path Deployments Out-of-Path Network DeploymentsPhysical Out-of-Path Deployment Out-of-Path, Failover DeploymentOut-of-Path, Server-Side, Failover Support Deployment Setup Optimization Service In-Path Rules Static Cluster Deployment Out-of-Path, Static Cluster DeploymentSetup Optimization Service In-Path Rules, Fixed Target Client-Side Hybrid In-Path and Out-of-Path DeploymentBasic Steps Server-SideSetup Optimization Service In-Path Rules Basic Steps Server-Side OUT-OF-PATH Network Deployments Introduction to Connection Forwarding Configuring Connection ForwardingConnection Forwarding in an Asymmetric Network Neighbors Connection ForwardingOne-to-One Failover Deployment Configuring Connection ForwardingManagement Console Configuring Connection Forwarding Using‹ Click Update Settings Forwarding Configuring Connection Forwarding Using the CLI‹ Symmetric Deployments with PBR, Autodiscovery, and CDP on Policy-Based Routing DeploymentsOverview of CDP Introduction to PBRWccp PBR How PBR works on a Cisco 6500 Platform Version 12.217d SXB1Autodiscovery, and CDP on Asymmetric HP EFS WAN Accelerator Deployments With PBR Configuring PBR UsingTo configure the client To configure the client- side HP EFS WAN AcceleratorSide router Configuring PBR Using Management Console Setup Optimization Service General Settings Setup Optimization Service In-Path Rules Basic Steps Client-Side Basic Steps Server-Side PBR Between VLANs PBR Between VLANsRouter To configure the HPTo configure the Cisco EFS WAN AcceleratorEFS WAN Accelerators Set of commandsPOLICY-BASED Routing Deployments POLICY-BASED Routing Deployments Symmetric Deployments with PBR Autodiscovery, and CDP POLICY-BASED Routing Deployments Troubleshooting Wccp Deployments ‹ Troubleshooting onIntroduction to Wccp Basic Wccp ConfigurationFailover Support on ‹ To configure a service group Wccp CLI CommandsService group Connecting Basic Wccp ConfigurationAccelerator To configure Configuring Client-Side HPWccp router To add the Wccp service group to Configuring Wccp Using the Management ConsoleAccelerator Enable Wccp on your router Navigate to the Setup Advanced Networking Wccp Groups Setup Service, Wccp Groups To define in-path rules to reach the server- side appliance Basic Steps Server-Side Wccp 3640 router Dual Wccp DeploymentIp cef No ip http server Wccp 6209 routerSecurity Additional Wccp FeaturesTo configure the server-side HP EFS WAN Accelerator To set the passwordTCP Port Redirection MulticastFailover Support To configure specific traffic redirection on the routerTo change the hashing scheme and assign a weight Load BalancingTroubleshooting Introduction to PFS Proxy File Service DeploymentsPFS Terms Proxy File Service Description TermPFS Operating Modes How Does PFS Work? PFS When to UseWhen to use Global Mode To join a domain for Configuring PFS Using the Management ConsoleSetup Proxy File Service PFS Configuration Required Setup Proxy File Service Shares Mode Description Initialize a share To synchronizeTo map a share Information To modify shareDetails To view share statusIntroduction to Authentication Radius and TACACS+ AuthenticationConfiguring a Radius Server with FreeRADIUS Requests on To add acceptanceRadius server To download Configuring a TACACS+ Server with Free TACACS+Authentication ConfiguringSetup Authentication General Settings TACACS+ 104 105 106 Serial Cluster Deployment Serial Cluster and Cascade DeploymentsSerial Cluster Basic Serial Cluster Deployment To configure HP EFS WAN Accelerator1WAN Accelerator2 To configure HP EFSWAN Accelerator3 Cascade Deployment Cascade DeploymentFixed-Target Rules Glossary 114 115 116 PBR Index118
Related manuals
Manual 232 pages 61.98 Kb Manual 1 pages 12.03 Kb Manual 38 pages 24.46 Kb Manual 14 pages 52.65 Kb