Manuals / HP / Computer Equipment / Software

HP Cloud Network Manager Software manual Configuring authentication servers

Models: Cloud Network Manager Software

1 89
Download 89 pages 22.67 Kb
Page 49
Image 49

LEAP— Lightweight Extensible Authentication Protocol (LEAP) uses dynamic Wired Equivalent Privacy (WEP) keys for authentication between the client and authentication server.

To use the internal database of an AP for user authentication, add the names and passwords of the users to be authenticated.

HP does not recommend the use of LEAP authentication because it does not provide any resistance to network attacks.

Authentication termination on AP

Cloud Network Manager allows EAP termination for PEAP-Generic Token Card (PEAP-GTC) and Protected Extensible Authentication Protocol-Microsoft Challenge Authentication Protocol version 2 (PEAP-MSCHAPv2). PEAP-GTC termination allows authorization against an LDAP server and external RADIUS server while PEAP- MSCHAPv2 allows authorization against an external RADIUS server.

This allows the users to run PEAP-GTC termination with their username and password to a local Microsoft Active Directory server with LDAP authentication.

EAP-GTC— This EAP method permits the transfer of unencrypted usernames and passwords from client to server. The EAP-GTC is mainly used for one-time token cards such as SecureID and the use of LDAP or RADIUS as the user authentication server. You can also enable caching of user credentials on the AP to an external authentication server for user data backup.

EAP-MSCHAPv2— This EAP method is widely supported by Microsoft clients. A RADIUS server must be used as the back-end authentication server.

Configuring authentication servers

This section describes the following procedures:

Configuring an external server for authentication on page 49

Configuring dynamic RADIUS proxy parameters on page 51

Configuring an external server for authentication

To add an external RADIUS server or LDAP server.

1.Select Wireless Configuration > Security > AUTHENTICATION SERVERS.

2.To create a new server, click New. A pane for specifying details for the new server is displayed.

3.Configure any of the following types of server:

n RADIUS Server — To configure a RADIUS server, specify the attributes described in the following table:

Table 21: RADIUS server configuration parameters

Data pane item

Description

NAME

Enter the name of the new external RADIUS server.

 

 

IP ADDRESS

Enter the IP address of the external RADIUS server.

 

 

AUTH PORT

Enter the authorization port number of the external RADIUS server. The default port

 

number is 1812.

 

 

ACCOUNTING

Enter the accounting port number. This port is used for sending accounting records

PORT

to the RADIUS server. The default port number is 1813.

 

 

49 Wireless configuration

HP Cloud Network Manager User Guide

Page 48 Page 50
Page 49
Image 49
HP Cloud Network Manager Software manual Configuring authentication servers, Authentication termination on AP
Page 48 Page 50