HP Enterprise File Services WAN Accelerator manual To add acceptance, Requests on, Radius server

Page 105

The directory /usr/local/share/freeradius is where the dictionary files are stored. This is where RADIUS attributes can be defined. Assuming the vendor does not have established dictionary file in the FreeRADIUS distribution, you begin the process by creating a file called: dictionary.<vendor>.

The contents of the dictionary.<vendor> file define a vendor identifier (which ought to be the Structure of Management Information (SMI) Network Management Private Enterprise Code of the Vendor), and the definitions for any vendor specific attributes.

In the following example, the Vendor Enterprise Number for HP is 17613 and the Enterprise Local User Name Attribute is 1. These numbers specify that a given user is an admin or monitor user in the RADIUS server (instead of using the HP EFS WAN Accelerators default for users not named admin and monitor).

These instruction assume you are running FreeRADIUS, v.1.0, which is available from

http://www.freeradius.org.

To install FreeRADIUS 1. Download FreeRadius from http://www.freeradius.org. on a Linux computer

2.At your system prompt, enter the following set of commands:

>tar xvzf freeradius-$VERSION.tar.gz >cd freeradius-$VERSION >./configure

>make

>make install #as root

To add acceptance

1.

In a text editor, open the /usr/local/etc/raddb/clients.conf file.

requests on the

2.

To create the key for the RADIUS server, add the following text to the clients.conf

RADIUS server

 

 

file:

client 10.0.0.0/16 { secret = testradius shortname = main-network nastype = other

}

The secret you specify here must also be specified in the HP EFS WAN Accelerator when you set up RADIUS server support. For detailed information, see the HP Enterprise File Services WAN Accelerator Management Console User Guide.

3.In a text editor, create a /usr/local/share/freeradius/dictionary.rbt file for HP.

4.Add the following text to the dictionary.rbt file.

VENDOR

RBT

 

17163

 

ATTRIBUTE

Local-User

1

string

RBT

5. Add the following line to the /usr/local/share/freeradius/dictionary:

$INCLUDE dictionary.rbt

6.Add users to the Radius server by editing the /usr/local/etc/raddb/users file. For example:

"admin"

Auth-Type := Local, User-Password == "radadmin"

 

Reply-Message = "Hello, %u"

 

HP STORAGEWORKS ENTERPRISE FILE SERVICES WAN ACCELERATOR 2.1.5 DEPLOYMENT GUIDE

99

9 - RADIUS AND TACACS+

AUTHENTICATION

Page 104 Page 106
Image 105
Page 104 Page 106
Contents 407118-001 HP StorageWorks Enterprise File Services WAN AcceleratorLegal and notice information Contents Chapter Wccp Deployments Policy-Based Routing DeploymentsRadius and TACACS+ Authentication Proxy File Service DeploymentsSerial Cluster and Cascade Deployments 107 Glossary 113 Index 117About This Guide IntroductionOrganization of This Guide Boldface Document ConventionsHardware and Software Dependencies Ethernet Network CompatibilityAntivirus Compatibility Additional Resources Related Reading HP Storage Web Site Contacting HPIntroduction Introduction to the HP EFS WAN Accelerator Designing an HP EFS WAN Accelerator DeploymentVirtual Window Expansion Transaction AccelerationTransaction Prediction Design and Deployment OverviewDesigning AN HP EFS WAN Accelerator Deployment Definition of Terms Bypass ModeFailover Mode Designing AN HP EFS WAN Accelerator Designing AN HP EFS WAN Accelerator Deployment ‹ In-Path,Server-Side, One to One Deployment on In-Path DeploymentsIntroduction to Physical In-Path Deployments In-Path, Failover Support DeploymentBasic Steps Client-Side Setup Advanced Networking Failover Settings Basic Steps Server-Side In-Path, Two Routing Points DeploymentBasic Steps Client-Side Basic Steps Server-Side In-Path, Server-Side DeploymentIn-Path, Server-Side Deployment In-Path, Server-Side, One to One DeploymentFollowing figure illustrates the server-side of the network Setup Advanced Networking Failover Settings Introduction to Virtual In-Path Deployments Virtual In-Path Network DeploymentsIn-Path, Load Balanced, Layer-4 Switch In-Path, Load-Balanced, Layer-4 Switch Deployment Setup Optimization Service General Settings Introduction to Out-of-Path Deployments Out-of-Path Network DeploymentsPhysical Out-of-Path Deployment Out-of-Path, Failover DeploymentOut-of-Path, Server-Side, Failover Support Deployment Setup Optimization Service In-Path Rules Static Cluster Deployment Out-of-Path, Static Cluster DeploymentSetup Optimization Service In-Path Rules, Fixed Target Basic Steps Hybrid In-Path and Out-of-Path DeploymentServer-Side Client-SideSetup Optimization Service In-Path Rules Basic Steps Server-Side OUT-OF-PATH Network Deployments Introduction to Connection Forwarding Configuring Connection ForwardingConnection Forwarding in an Asymmetric Network Neighbors Connection ForwardingOne-to-One Failover Deployment Configuring Connection ForwardingManagement Console Configuring Connection Forwarding Using‹ Click Update Settings Forwarding Configuring Connection Forwarding Using the CLI‹ Symmetric Deployments with PBR, Autodiscovery, and CDP on Policy-Based Routing DeploymentsOverview of CDP Introduction to PBRWccp PBR How PBR works on a Cisco 6500 Platform Version 12.217d SXB1Autodiscovery, and CDP on Asymmetric HP EFS WAN Accelerator Deployments With PBR Configuring PBR UsingTo configure the client- side HP EFS WAN Accelerator To configure the clientSide router Configuring PBR Using Management Console Setup Optimization Service General Settings Setup Optimization Service In-Path Rules Basic Steps Client-Side Basic Steps Server-Side PBR Between VLANs PBR Between VLANsTo configure the Cisco To configure the HPEFS WAN Accelerator RouterEFS WAN Accelerators Set of commandsPOLICY-BASED Routing Deployments POLICY-BASED Routing Deployments Symmetric Deployments with PBR Autodiscovery, and CDP POLICY-BASED Routing Deployments Troubleshooting Wccp Deployments ‹ Troubleshooting onIntroduction to Wccp Basic Wccp ConfigurationFailover Support on ‹ To configure a service group Wccp CLI CommandsService group Basic Wccp Configuration ConnectingAccelerator Configuring Client-Side HP To configureWccp router Configuring Wccp Using the Management Console To add the Wccp service group toAccelerator Enable Wccp on your router Navigate to the Setup Advanced Networking Wccp Groups Setup Service, Wccp Groups To define in-path rules to reach the server- side appliance Basic Steps Server-Side Wccp 3640 router Dual Wccp DeploymentIp cef No ip http server Wccp 6209 routerTo configure the server-side HP EFS WAN Accelerator Additional Wccp FeaturesTo set the password SecurityTCP Port Redirection MulticastTo change the hashing scheme and assign a weight To configure specific traffic redirection on the routerLoad Balancing Failover SupportTroubleshooting Introduction to PFS Proxy File Service DeploymentsPFS Terms Proxy File Service Description TermPFS Operating Modes How Does PFS Work? PFS When to UseWhen to use Global Mode To join a domain for Configuring PFS Using the Management ConsoleSetup Proxy File Service PFS Configuration Required Setup Proxy File Service Shares Mode Description To synchronize Initialize a shareTo map a share Information To modify shareDetails To view share statusIntroduction to Authentication Radius and TACACS+ AuthenticationConfiguring a Radius Server with FreeRADIUS To add acceptance Requests onRadius server To download Configuring a TACACS+ Server with Free TACACS+Authentication ConfiguringSetup Authentication General Settings TACACS+ 104 105 106 Serial Cluster Deployment Serial Cluster and Cascade DeploymentsSerial Cluster Basic Serial Cluster Deployment To configure HP EFS WAN Accelerator1To configure HP EFS WAN Accelerator2WAN Accelerator3 Cascade Deployment Cascade DeploymentFixed-Target Rules Glossary 114 115 116 PBR Index118
Related manuals
Manual 232 pages 61.98 Kb Manual 1 pages 12.03 Kb Manual 38 pages 24.46 Kb Manual 14 pages 52.65 Kb
Top Page Image Contents