Adding a radius server to the switch configuration, Enabling or disabling radius service, Deleting a radius server from the configuration – HP StorageWorks 2.128 SAN Director Switch User Manual
Page 51: Changing a radius server configuration
Fabric OS 5.x administrator guide
51
Adding a RADIUS server to the switch configuration
1.
Connect to the switch and log in as admin.
2.
Issue the following command:
switch:admin> aaaConfig --add server [-p port] [-s secret] [-t timeout]
[-a pap | chap]
Enabling or disabling RADIUS service
1.
Connect to the switch and log in as admin.
2.
Issue the following command:
switch:admin> aaaConfig --radius on | off
Specifying
on
enables the service; specifying
off
disables it.
At least one RADIUS server must be configured before you can enable RADIUS service.
If no RADIUS configuration exists, turning it on triggers an error message. When the command succeeds,
the event log indicates that the configuration is enabled or disabled.
Deleting a RADIUS server from the configuration
1.
Connect to the switch and log in as admin.
2.
Issue the following command:
switch:admin> aaaConfig --remove server | all
where
server
is a list of servers by either name or IP address. Enter either the name or IP address of
the server to be removed.
3.
At the prompt, enter
y
to complete the command.
When the command succeeds, the event log indicates that the server is removed.
Changing a RADIUS server configuration
1.
Connect to the switch and log in as admin.
2.
Issue the following command:
switch:admin> aaaConfig --change server [-p port] [-s secret] [-t timeout]
[-a pap | chap]
where:
server
Is either a server name or an IP address. Avoid duplicating server listings
(that is, listing the same server once by name and again by IP address).
Up to five servers can be added to the configuration.
-p port
Is an optional argument; enter a server port. The default is port
1812
.
-s secret
Is an optional argument; enter a shared secret. The default is
sharedsecret
. Secrets can be 8 to 40 alphanumeric characters. Make
sure that the secret matches that configured on the server.
-t timeout
Is an optional argument; enter the length of time (in seconds) that the
server has to respond before the next server is contacted. The default is 3
seconds. Timeout values can range from 1 to 30 seconds.
-a[pap|chap]
Specifies
PAP
or
CHAP
as the authentication protocol.
where:
server
Is a list of servers by either name or IP address. Enter either the name or IP
address of the server to be changed.