RADIUS Authentication and Accounting

Controlling Web Browser Interface Access When Using RADIUS Authentication

Controlling Web Browser Interface Access When Using RADIUS Authentication

To prevent unauthorized access through the web browser interface, do one or more of the following:

For Series 2600, 2600-PWR, and Series 2800 switches, configure RADIUS authentication access (software releases H.08.58 and I.08.60 or greater). (Configuring the switch for RADIUS authentication does not affect web browser interface access for the 4100 and 6108 switches.)

Configure local authentication (a Manager user name and password and, optionally, an Operator user name and password) on the switch.

Configure the switch’s Authorized IP Manager feature to allow web browser access only from authorized management stations. (The Authorized IP Manager feature does not interfere with TACACS+ operation.)

Disable web browser access to the switch.

Configuring RADIUS Accounting

 

RADIUS Accounting Commands

Page

 

 

[no] radius-server host < ip-address>

5-20

 

 

[acct-port < port-number>]

5-20

 

 

[key < key-string >]

5-20

 

 

[no] aaa accounting < exec network system >

5-23

 

 

< start-stop stop-only> radius

 

 

 

[no] aaa accounting update

5-24

 

 

periodic < 1 - 525600 > (in minutes)

 

 

 

[no] aaa accounting suppress null-username

5-24

 

 

show accounting

5-28

 

 

show accounting sessions

5-29

 

 

show radius accounting

5-28

 

 

 

 

 

 

 

 

 

5-17

Page 117
Image 117
HP 2600-PWR, 4100gl, 2650 (J4899A/B), 2626 (J4900A/B), 6108 manual Configuring Radius Accounting, Radius Accounting Commands