6-73
RADIUS Authentication, Authorization, and Accounting
Dynamic Removal of Authentication Limits
To display the configuration information for just those ports that are dynam-
ically overridden by RADIUS attributes, use the show port-access summary
radius-overridden command.
Figure 6-35. Example of Output for Client-limit Values that are RADIUS Overridden
Operating Notes
■ Only RADIUS authentication supports the new VSAs. Other authenti-
cation types, such as TACACS, are not supported.
■ The new VSAs are not supported in IDM and they cannot be specified
in the configurations. The new VSAs must be configured manually.
■ If the RADIUS server delivers a new VSA to an authenticator switch
that does not understand it, the Access-Accept message is rejected.
HP Switch(config)# show port-access summary radius-overridden
Port Access Status Summary
Port-access authenticator activated [No} : No
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No
Note: * indicates values dynamically overridden by RADIUS
Authenticator Web Auth MAC Auth
Port Enabled Mode Limit Enabled Limit Enabled Limit
---- + ------- ---- ----- + ------- ----- + ------- -----
1 | Yes user* 1* | Yes 1 | Yes 1
2 | Yes user 32 | Yes 32* | Yes 32
4 | No port 1 | No 1 | No* 1
To Next Page
Loading...
Need help?
General