EasyManuals Logo
Home>HP>Switch>J8698A

HP J8698A User Manual

HP J8698A
778 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #333 background imageLoading...
Page #333 background image
7-15
Configuring RADIUS Server Support for Switch Services
Configuring and Using Dynamic (RADIUS-Assigned) Access Control Lists
Overview of RADIUS-Assigned, Dynamic ACLs
RADIUS-assigned ACLs enhance network and switch management access
security and traffic control by permitting or denying authenticated client
access to specific network resources and to the switch management interface.
This includes preventing clients from using TCP or UDP applications, ICMP
packet types, and IGMP (IPv4 only) if you do not want their access privileges
to include these capabilities.
Traffic Applications
Beginning with software release K.14.01, the switch supports RADIUS-
assigned ACLs for the following traffic applications:
â–  inbound IPv4 traffic only
â–  inbound IPv4 and IPv6 traffic
This feature is designed for use on the network edge to accept RADIUS-
assigned ACLs for Layer-3 filtering of IP traffic entering the switch from
authenticated clients. A given RADIUS-assigned ACL is identified by a unique
username/password pair or client MAC address, and applies only to IP traffic
entering the switch from clients that authenticate with the required, unique
credentials. The switch allows multiple RADIUS-assigned ACLs on a given
port, up to the maximum number of authenticated clients allowed on the port.
Also, a RADIUS-assigned ACL for a given client’s traffic can be assigned
regardless of whether other ACLs assigned to the same port are statically
configured on the switch.
A RADIUS-assigned ACL filters IP traffic entering the switch from the client
whose authentication caused the ACL assignment. Filter criteria is based on:
â–  destination address
â–  IPv4 or IPv6 traffic type (such as TCP and UDP traffic)
Implementing the feature requires:
â–  RADIUS authentication using the 802.1X, Web authentication, or MAC
authentication available on the switch to provide client authentica-
tion services
â–  configuring one or more ACLs on a RADIUS server (instead of the
switch), and assigning each ACL to the username/password pair or
MAC address of the client(s) you want the ACLs to support
Using RADIUS to dynamically apply ACLs to clients on edge ports enables the

Table of Contents

Other manuals for HP J8698A

Preview: Advanced Traffic Management Guide
Advanced Traffic Management Guide460 pages
Preview: Installation Guide
Installation Guide56 pages
Preview: Planning And Implementation Guide
Planning And Implementation Guide58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP J8698A and is the answer not in the manual?

HP J8698A Specifications

General IconGeneral
BrandHP
ModelJ8698A
CategorySwitch
LanguageEnglish

Related product manuals