Configuring | HP Enterprise File Services WAN Accelerator specification

Configuring

RADIUS

Authentication

user = admin {

pap = cleartext "tacadmin" user = monitor {

pap = cleartext "tacmonitor" user = tacuser {

pap = cleartext "tacpass" service = rbt-exec {

local-user-name = "monitor"

}

The secret you specify here must also be specified in the HP EFS WAN Accelerator when you set up TACACS+ server support. For detailed information, see the HP Enterprise File Services WAN Accelerator Management Console User Guide.

The tacuser is a monitor user as specified by local-user-name.

NOTE: The chap, opap, and arap variables can be specified in a similar manner, but only pap is needed.

8.Start the server by executing:

>/usr/local/sbin/tac_plus -C /usr/local/etc/tac_plus.conf

Configuring RADIUS Authentication in the HP EFS WAN Accelerator

The following section provides the basic steps for configuring RADIUS authentication in the HP EFS WAN Accelerator.

The following section describes the basic steps for configuring RADIUS authentication in the HP EFS WAN Accelerator.

You prioritize RADIUS authentication methods for the system and set the authorization policy and default user.

IMPORTANT: Make sure to put the authentication methods in the order in which you want authentication to occur. If authorization fails on the first method, the next method is attempted, and so forth, until all the methods have been attempted.

9 - RADIUS AND TACACS+

AUTHENTICATION

HP STORAGEWORKS ENTERPRISE FILE SERVICES WAN ACCELERATOR 2.1.5 DEPLOYMENT GUIDE

101

Image 107

HP Enterprise File Services WAN Accelerator manual Configuring, Authentication

Contents

407118-001 HP StorageWorks Enterprise File Services WAN Accelerator Legal and notice information Contents Chapter Wccp Deployments Policy-Based Routing Deployments Glossary 113 Index 117 Proxy File Service DeploymentsRadius and TACACS+ Authentication Serial Cluster and Cascade Deployments 107 About This Guide Introduction Organization of This Guide Boldface Document Conventions Antivirus Compatibility Hardware and Software DependenciesEthernet Network Compatibility Additional Resources Related Reading HP Storage Web Site Contacting HP Introduction Introduction to the HP EFS WAN Accelerator Designing an HP EFS WAN Accelerator Deployment Virtual Window Expansion Transaction Acceleration Transaction Prediction Design and Deployment Overview Designing AN HP EFS WAN Accelerator Deployment Definition of Terms Bypass Mode Failover Mode Designing AN HP EFS WAN Accelerator Designing AN HP EFS WAN Accelerator Deployment ‹ In-Path,Server-Side, One to One Deployment on In-Path Deployments Basic Steps Client-Side Introduction to Physical In-Path DeploymentsIn-Path, Failover Support Deployment Setup Advanced Networking Failover Settings Basic Steps Server-Side In-Path, Two Routing Points Deployment Basic Steps Client-Side Basic Steps Server-Side In-Path, Server-Side Deployment In-Path, Server-Side Deployment In-Path, Server-Side, One to One Deployment Following figure illustrates the server-side of the network Setup Advanced Networking Failover Settings Introduction to Virtual In-Path Deployments Virtual In-Path Network Deployments In-Path, Load Balanced, Layer-4 Switch In-Path, Load-Balanced, Layer-4 Switch Deployment Setup Optimization Service General Settings Introduction to Out-of-Path Deployments Out-of-Path Network Deployments Physical Out-of-Path Deployment Out-of-Path, Failover Deployment Out-of-Path, Server-Side, Failover Support Deployment Setup Optimization Service In-Path Rules Static Cluster Deployment Out-of-Path, Static Cluster Deployment Setup Optimization Service In-Path Rules, Fixed Target Client-Side Hybrid In-Path and Out-of-Path DeploymentBasic Steps Server-Side Setup Optimization Service In-Path Rules Basic Steps Server-Side OUT-OF-PATH Network Deployments Introduction to Connection Forwarding Configuring Connection Forwarding Connection Forwarding in an Asymmetric Network Neighbors Connection Forwarding One-to-One Failover Deployment Configuring Connection Forwarding Management Console Configuring Connection Forwarding Using ‹ Click Update Settings Forwarding Configuring Connection Forwarding Using the CLI ‹ Symmetric Deployments with PBR, Autodiscovery, and CDP on Policy-Based Routing Deployments Overview of CDP Introduction to PBR Wccp PBR How PBR works on a Cisco 6500 Platform Version 12.217d SXB1 Autodiscovery, and CDP on Asymmetric HP EFS WAN Accelerator Deployments With PBR Configuring PBR Using Side router To configure the client- side HP EFS WAN AcceleratorTo configure the client Configuring PBR Using Management Console Setup Optimization Service General Settings Setup Optimization Service In-Path Rules Basic Steps Client-Side Basic Steps Server-Side PBR Between VLANs PBR Between VLANs Router To configure the HPTo configure the Cisco EFS WAN Accelerator EFS WAN Accelerators Set of commands POLICY-BASED Routing Deployments POLICY-BASED Routing Deployments Symmetric Deployments with PBR Autodiscovery, and CDP POLICY-BASED Routing Deployments Troubleshooting Wccp Deployments ‹ Troubleshooting on Introduction to Wccp Basic Wccp Configuration Failover Support on ‹ To configure a service group Wccp CLI Commands Service group Accelerator Basic Wccp ConfigurationConnecting Wccp router Configuring Client-Side HPTo configure Accelerator Configuring Wccp Using the Management ConsoleTo add the Wccp service group to Enable Wccp on your router Navigate to the Setup Advanced Networking Wccp Groups Setup Service, Wccp Groups To define in-path rules to reach the server- side appliance Basic Steps Server-Side Wccp 3640 router Dual Wccp Deployment Ip cef No ip http server Wccp 6209 router Security Additional Wccp FeaturesTo configure the server-side HP EFS WAN Accelerator To set the password TCP Port Redirection Multicast Failover Support To configure specific traffic redirection on the routerTo change the hashing scheme and assign a weight Load Balancing Troubleshooting Introduction to PFS Proxy File Service Deployments PFS Terms Proxy File Service Description Term PFS Operating Modes How Does PFS Work? PFS When to Use When to use Global Mode To join a domain for Configuring PFS Using the Management Console Setup Proxy File Service PFS Configuration Required Setup Proxy File Service Shares Mode Description To map a share To synchronizeInitialize a share Information To modify share Details To view share status Introduction to Authentication Radius and TACACS+ Authentication Configuring a Radius Server with FreeRADIUS Radius server To add acceptanceRequests on To download Configuring a TACACS+ Server with Free TACACS+ Authentication Configuring Setup Authentication General Settings TACACS+ 104 105 106 Serial Cluster Deployment Serial Cluster and Cascade Deployments Serial Cluster Basic Serial Cluster Deployment To configure HP EFS WAN Accelerator1 WAN Accelerator3 To configure HP EFSWAN Accelerator2 Cascade Deployment Cascade Deployment Fixed-Target Rules Glossary 114 115 116 PBR Index 118