7-1
7
Configuring RADIUS Server Support for
Switch Services
Overview
This chapter provides information used for configuring CoS (802.1p priority),
rate-limiting, and ACL client services on a RADIUS server. For information on
configuring client authentication capability on the switch, refer to chapter 6,
“RADIUS Authentication, Authorization, and Accounting”.
Table 7-1. RADIUS Services Supported on the Switch
RADIUS Client and Server Requirements
■ Clients can be dual-stack, IPv4-only or IPv6 only.
■ Client authentication can be through 802.1X, MAC Auth, or Web Auth.
(Clients using Web Auth must be IPv4-capable.)
■ Server must support IPv4 and have an IPv4 address.
Service Application Standard RADIUS
Attribute
1
HP Vendor-
Specific RADIUS
Attribute (VSA)
Cos (Priority) per-user 59 40
Ingress Rate-Limiting per-user — 46
Egress Rate-Limiting per-port
2
—48
ACLs
IPv6 and/or IPv4 ACEs
(NAS-Filter-Rule)
per-user 92 61
NAS-Rules-IPv6 (sets IP mode to
IPv4-only or IPv4 and IPv6)
per-user — 63
1
HP recommends using the Standard RADIUS attribute if available.
2
If multiple clients are
authenticated on a port where per-port rules are assigned by a RADIUS server, then the most
recently assigned rule is applied to the traffic of all clients authenticated on the port.
To Next Page
Loading...
Need help?
General