HPE IMC UAM LDAP Authentication Configuration Examples

Size: px
Start display at page:

Download "HPE IMC UAM LDAP Authentication Configuration Examples"

Transcription

1 HPE IMC UAM LDAP Authentication Configuration Examples Part Number: Software Version: IMC UAM 7.2 (E0402) Document Version: 2 The information in this document is subject to change without notice. Copyright 2016 Hewlett Packard Enterprise Development LP

2 Contents Introduction 1 Prerequisites 1 Example: Using UAM for LDAP authentication 1 Network configuration 1 Software versions used 2 Restrictions and guidelines 2 Configuring UAM 3 Adding the switch to UAM 3 Configuring an access policy for LDAP authentication 5 Associating an access service with the access policy 6 Adding an LDAP server 7 Configuring a synchronization policy for the LDAP server 10 Synchronizing user data from the LDAP server 13 Configuring the switch 14 Verifying the configuration 15 Triggering 802.1X authentication in the inode client 15 Viewing online users in UAM 17 i

3 Introduction This document provides examples for using UAM to provide LDAP authentication on a network. UAM forwards authentication requests to the LDAP server and makes access decisions according to the authentication results. LDAP user information is stored both on the LDAP server and UAM. The examples apply to scenarios where UAM is deployed to work with an existing LDAP server for authentication. Prerequisites Make sure the access device supports 802.1X. Example: Using UAM for LDAP authentication Network configuration As shown in Figure 1, a user accesses the network by using the account imc001 that is stored on an LDAP server. The LDAP server is a Microsoft Active Directory and uses the default port 389. The domain name is xin.h3c. Deploy UAM to forward the user's authentication requests to the LDAP server. UAM uses the authentication port 1812, accounting port 1813, and shared key of fine for RADIUS communication. The switch manages the user in an ISP domain named cert and includes the domain information in the user names to be sent to UAM. The user accesses the network through the inode client on a Windows PC. 1

4 Figure 1 Network diagram Software versions used This configuration example was created and verified on the following platforms: IMC UAM 7.2 (E0402) H3C S C-PWR-EI Comware Software, Version 5.20, Release 2220P02 inode PC 7.2 (E0402) Restrictions and guidelines When you configure LDAP and UAM authentication, follow these restrictions and guidelines: Make sure the shared key you configure for the access device on UAM is the same as the CLI configuration on the switch. Make sure the authentication port number and the accounting port number you configure for the access device on UAM are the same as the CLI configuration on the switch. To select or specify the device IP address, follow these restrictions and guidelines: If the nas ip command is configured on the switch, use the NAS IP address as the IP address of the access device. 2

5 If the nas ip command is not configured on the switch, use the IP address of the interface (including VLAN interface) that connects to UAM as the IP address of the access device. To select the switch from the resource pool, make sure it is already added to the IMC platform manually or through auto discovery and uses the correct IP address. If the switch in the resource pool does not use the correct IP address, you must specify the correct IP address of the access device. Configure a service suffix for the 802.1X user depending on the authentication domain and username format settings on the switch, as shown in Table 1. Table 1 Determining the service suffix Username in inode Authentication domain on the switch Username format command on the switch Service suffix in UAM imc001@cert cert user-name-format with-domain user-name-format without-domain cert No suffix Configuring UAM Adding the switch to UAM 1. Click the User tab. 2. From the navigation tree, select User Access Policy > Access Device Management > Access Device. The access device list opens, as shown in Figure 2. Figure 2 Accessing the Access Device page 3. On the access device list, click Add. The Add Access Device page opens, as shown in Figure 3. 3

6 Figure 3 Adding an access device 4. Configure the access device parameters, as shown in Figure 4: a. In the Access Configuration area, enter fine in the Shared Key field and use the default values for the other parameters. If the Displays Key in parameter is set to Ciphertext (Displays ******) in the system configuration, enter the same shared key in both the Shared Key and Confirm Shared Key fields. b. Use the default values for other parameters. Figure 4 Configuring the access parameters 5. Add the switch to UAM as an access device. You can add a device to UAM either manually or by selecting the device from the IMC platform. This example uses the Add Manually option. To manually add the switch to UAM: a. In the Device List area, click Add Manually. b. On the Add Access Device Manually window, enter in the Device IP field, as shown in Figure 5. 4

7 c. Click OK. Figure 5 Adding an access device manually 6. On the Add Access Device page, click OK. The new access device is displayed in the access device list, as shown in Figure 6. Figure 6 Viewing the new access device Configuring an access policy for LDAP authentication 1. Click the User tab. 2. From the navigation tree, select User Access Policy > Access Policy. The access policy list is displayed, as shown in Figure 7. Figure 7 Accessing the Access Policy page 3. Click Add on top of the access policy list. 4. On the Add Access Policy page, configure the following parameters, as shown in Figure 8: 5

8 a. Enter LDAP User Access Policy in the Access Policy Name field. b. Use the default values for other parameters. Figure 8 Adding an access policy 5. Click OK. The new access policy named LDAP User Access Policy is displayed in the access policy list, as shown in Figure 9. Figure 9 Viewing the added access policy Associating an access service with the access policy 1. Click the User tab. 2. From the navigation tree, select User Access Policy > Access Service. The Access Service page opens, as shown in Figure 10. 6

9 Figure 10 Accessing the Access Service page 3. Click Add on top of the access service list. 4. On the Add Access Service page, configure the following parameters, as shown in Figure 11: a. Enter LDAP User Access Service in the Service Name field. b. Enter cert in the Service Suffix field. For more information about determining the service suffix, see Table 1. c. Select LDAP User Access Policy from the Default Access Policy list. d. Use the default values for other parameters. Figure 11 Adding an access service 5. Click OK. The new access service named LDAP User Access Service is displayed in the access service list, as shown in Figure 12. Figure 12 Viewing the new access service Adding an LDAP server 1. Click the User tab. 2. From the navigation tree, select User Access Policy > LDAP Service > LDAP Server. 7

10 The LDAP Server page opens, as shown in Figure 13. Figure 13 Accessing the LDAP Server page 3. On the LDAP server list, click Add. 4. On the Add LDAP Server page, configure the following parameters, as shown in Figure 14: a. Enter a name in the Service Name field to uniquely identify the LDAP server on UAM. This example uses Windows AD as the server name. b. Enter in the Address field. The combination of the IP address and the base DN must be unique on UAM. c. Enter the listening port number in the Port field. This example uses the default value 389. d. Select Microsoft AD from the Server Type list. e. Enter the absolute path where user data is stored on the LDAP server in the Base DN field. This example uses dc=xin,dc=h3c. f. Enter the absolute path of the administrator in the Admin DN field. This example uses cn=administrator,cn=users,dc=xin,dc=h3c. g. Enter the administrator password of the LDAP server in the Admin Password field. h. Use the default values for other parameters. NOTE: When Microsoft AD is selected from the Server Type list, the default value Yes automatically populates the Real-Time AuthN field. The value cannot be changed. 8

11 Figure 14 Adding an LDAP server 5. Click OK. The new LDAP server named Windows AD is displayed in the LDAP server list, as shown in Figure 15. Figure 15 Viewing the added LDAP server 6. Click Test to test the connectivity between IMC and the LDAP server. The test result opens on the top upper right of the page, as shown in Figure 16. 9

12 Figure 16 Viewing the testing result Configuring a synchronization policy for the LDAP server 1. Click the User tab. 2. From the navigation tree, select User Access Policy > LDAP Service > Sync Policy. The Sync Policy page opens, as shown in Figure 17. Figure 17 Accessing the Sync Policy page 3. Click Add on top of the synchronization policy list. 4. On the Add Sync Policy page, configure the following parameters, as shown in Figure 18: a. Enter Windows AD Sync Policy in the Policy Name field. b. Select Windows AD from the Server Name list. c. Enter the absolute subdirectory path where user data is stored on the LDAP server in the Sub-Base DN field. The sub-base DN must be the base DN itself or its subset. This example uses dc=xin,dc=h3c. UAM synchronizes only the user data under the specified subdirectory from the server. d. Use the default values for other parameters. 10

13 Figure 18 Adding a synchronization policy 5. Click Next. 6. On the Add Sync Policy page, configure the following parameters, as shown in Figure 19: a. In the Access Information area, enter imc123 in the Password field. By default, the password is not synchronized from the LDAP server. b. In the Access Service area, select the service named LDAP User Access Service. c. Use the default values for other parameters. 11

14 Figure 19 Configuring policy information 7. Click Finish. The new synchronization policy named Windows AD Sync Policy is displayed in the synchronization policy list, as shown in Figure 20. Figure 20 Viewing the new synchronization policy 12

15 Synchronizing user data from the LDAP server 1. Click the User tab. 2. From the navigation tree, select User Access Policy > LDAP Service > Sync Policy. The Sync Policy page opens, as shown in Figure 21. Figure 21 Accessing the Sync Policy page 3. Click Synchronize for the policy named Windows AD Sync Policy. UAM starts to synchronize user data from the LDAP server and displays the synchronization result, as shown in Figure 22. Figure 22 Viewing the LDAP user synchronization result 4. From the navigation tree, select Access User > All Access Users. The synchronized LDAP users appear in the access user list, as shown in Figure

16 Figure 23 Viewing the synchronized LDAP users Configuring the switch 1. Configure a RADIUS scheme. # Create a RADIUS scheme named zzpermit. <H3C>system-view System View: return to User View with Ctrl+Z. [H3C] radius scheme zzpermit New Radius scheme # Configure UAM as the primary RADIUS authentication and accounting servers in the scheme. Set the RADIUS authentication port to 1812 and accounting port to [H3C-radius-zzpermit] primary authentication [H3C-radius-zzpermit] primary accounting # Configure the shared key to fine to secure RADIUS authentication and accounting communication. [H3C-radius-zzpermit] key authentication fine [H3C-radius-zzpermit] key accounting fine # Configure the switch to include domain information in the user names to be sent to the RADIUS server. [H3C-radius-zzpermit] user-name-format with-domain [H3C-radius-zzpermit] quit 2. Configure an ISP domain. # Add an ISP domain named cert. [H3C] domain cert New Domain added. 14

17 # Configure the switch to use the RADIUS scheme zzpermit for users in ISP domain cert. [H3C-isp-cert] authentication lan-access radius-scheme zzpermit [H3C-isp-cert] authorization lan-access radius-scheme zzpermit [H3C-isp-cert] accounting lan-access radius-scheme zzpermit [H3C-isp-cert] quit 3. Configure 802.1X authentication. # Enable 802.1X globally and on Ethernet 1/0/1. The 802.1X function takes effect on the interface only when 802.1X is enabled globally and on the interface. [H3C] dot1x 802.1X is enabled globally. [H3C] dot1x interface Ethernet 1/0/ X is enabled on port Ethernet 1/0/1. # Set the 802.1X authentication method. With LDAP authentication, you can set the 802.1X authentication method to EAP or PAP. In this example, the 802.1X authentication method is set to PAP. [H3C] dot1x authentication-method pap PAP authentication is enabled. Verifying the configuration Make sure the version of the inode client installed on the PC is compatible with IMC UAM. For more information about the compatibility, see the UAM readme file. Triggering 802.1X authentication in the inode client 1. On the inode client, click 802.1X Connection. The 802.1X Connection window opens. 2. Enter the username and password, and click Connect, as shown in Figure

18 Figure 24 Viewing the 802.1X connection The authentication process starts. The authentication result shows that the connection has been established, as shown in Figure 25. Figure 25 Authentication information 16

19 Viewing online users in UAM 1. Click the User tab. 2. From the navigation tree, select Access User > Online Users. 3. Click the Local tab. 4. Verify that the user named imc001 has been added to the online user list, as shown in Figure 26. Figure 26 Viewing the online user 17

HPE IMC UAM 802.1X Access Control and RSA Authentication Configuration Examples

HPE IMC UAM 802.1X Access Control and RSA Authentication Configuration Examples HPE IMC UAM 802.1X Access Control and RSA Authentication Configuration Examples Part Number: 5200-1366 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject

More information

HPE IMC UAM 802.1X Authentication Configuration Examples

HPE IMC UAM 802.1X Authentication Configuration Examples HPE IMC UAM 802.1X Authentication Configuration Examples Part Number: 5200-1365 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject to change without notice.

More information

HPE IMC UAM Binding Access Users with PCs Configuration Examples

HPE IMC UAM Binding Access Users with PCs Configuration Examples HPE IMC UAM Binding Access Users with PCs Configuration Examples Part Number: 5200-1372 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject to change without

More information

HPE IMC UAM 802.1X Authentication and ACL Based Access Control Configuration Examples

HPE IMC UAM 802.1X Authentication and ACL Based Access Control Configuration Examples HPE IMC UAM 802.1X Authentication and ACL Based Access Control Configuration Examples Part Number: 5200-1368 Software version: IMC UAM 7.2 (E0406) Document version: 2 The information in this document is

More information

HPE IMC UAM Device User Authentication Configuration Examples

HPE IMC UAM Device User Authentication Configuration Examples HPE IMC UAM Device User Authentication Configuration Examples Part Number: 5200-1375 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject to change without

More information

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples

HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples HPE IMC BYOD WLAN 802.1X Authentication and Security Check Using inode Configuration Examples Part Number: 5200-1385 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document

More information

HPE IMC APM IIS Server Application Monitor Configuration Examples

HPE IMC APM IIS Server Application Monitor Configuration Examples HPE IMC APM IIS Server Application Monitor Configuration Examples Part number: 5200-1352 Software version: IMC APM 7.2 (E0401) Document version: 1 The information in this document is subject to change

More information

HPE IMC BYOD WLAN MAC Authentication Configuration Examples

HPE IMC BYOD WLAN MAC Authentication Configuration Examples HPE IMC BYOD WLAN MAC Authentication Configuration Examples Part Number: 5200-1389 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject to change without

More information

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples

HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples HPE IMC UAM BYOD Quick Deployment on Mobile Device Configuration Examples Part Number: 5200-1387 Software version: IMC UAM 7.2 (E0403) Document version: 2 The information in this document is subject to

More information

HPE IMC APM SQL Server Application Monitor Configuration Examples

HPE IMC APM SQL Server Application Monitor Configuration Examples HPE IMC APM SQL Server Application Monitor Configuration Examples Part number: 5200-1353 Software version: IMC APM 7.2 (E0401) Document version: 1 The information in this document is subject to change

More information

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors. IMC inode Intelligent Client v7.0 (E0106) Copyright (c) 2011-2014 Hewlett-Packard Development Company, L.P. and its licensors. Table of Contents 1. What's New in this Release 2. Problems Fixed in this

More information

Controlled/uncontrolled port and port authorization status

Controlled/uncontrolled port and port authorization status Contents 802.1X fundamentals 1 802.1X architecture 1 Controlled/uncontrolled port and port authorization status 1 802.1X-related protocols 2 Packet formats 2 EAP over RADIUS 4 Initiating 802.1X authentication

More information

HPE IMC NTA MPLS VPN Traffic Analysis Configuration Examples

HPE IMC NTA MPLS VPN Traffic Analysis Configuration Examples HPE IMC NTA MPLS VPN Traffic Analysis Configuration Examples Part number: 5200-1404 Software version: IMC NTA 7.2 (E0401) The information in this document is subject to change without notice. Copyright

More information

HPE IMC WSM Converged Topology Configuration Examples

HPE IMC WSM Converged Topology Configuration Examples HPE IMC WSM Converged Topology Configuration Examples Part number: 5200-1397 Software version: IMC WSM 7.2 (E0502P04) The information in this document is subject to change without notice. Copyright 2016

More information

HPE IMC Windows Migration Guide

HPE IMC Windows Migration Guide HPE IMC Windows Migration Guide Part number: 5200-4496 Software version: The information in this document is subject to change without notice. Copyright 2017 Hewlett Packard Enterprise Development LP Contents

More information

HPE IMC DBA User Database to IMC User Database Restoration Configuration Examples

HPE IMC DBA User Database to IMC User Database Restoration Configuration Examples HPE IMC DBA User Database to IMC User Database Restoration Configuration Examples Part number: 5200-1335 Software version: IMC PLAT 7.2 (E0403) The information in this document is subject to change without

More information

RADIUS Configuration. Overview. Introduction to RADIUS. Client/Server Model

RADIUS Configuration. Overview. Introduction to RADIUS. Client/Server Model Table of Contents RADIUS Configuration 1 Overview 1 Introduction to RADIUS 1 Client/Server Model 1 Security and Authentication Mechanisms 2 Basic Message Exchange Process of RADIUS 2 RADIUS Packet Format

More information

802.1x Configuration Examples H3C S7500 Series Ethernet Switches Release Table of Contents

802.1x Configuration Examples H3C S7500 Series Ethernet Switches Release Table of Contents Table of Contents Table of Contents Chapter 1 802.1X Overview... 1-1 1.1 Introduction to 802.1X... 1-1 1.2 Features Configuration... 1-1 1.2.1 Global Configuration... 1-1 1.2.2 Configuration in Port View...

More information

Table of Contents. 4 System Guard Configuration 4-1 System Guard Overview 4-1 Guard Against IP Attacks 4-1 Guard Against TCN Attacks 4-1

Table of Contents. 4 System Guard Configuration 4-1 System Guard Overview 4-1 Guard Against IP Attacks 4-1 Guard Against TCN Attacks 4-1 Table of Contents 1 802.1x Configuration 1-1 Introduction to 802.1x 1-1 Architecture of 802.1x Authentication 1-1 The Mechanism of an 802.1x Authentication System 1-3 Encapsulation of EAPoL Messages 1-3

More information

NetMotion Integration with GreenRADIUS - Quick Start Guide

NetMotion Integration with GreenRADIUS - Quick Start Guide NetMotion Integration with GreenRADIUS - Quick Start Guide March 15, 2016 2016 GreenRADIUS. All rights reserved. Page 1 of 16 2016 GreenRADIUS. All rights reserved. Page 2 of 16 Contents 1 GreenRADIUS

More information

HPE IMC WSM Network Planning Configuration Examples

HPE IMC WSM Network Planning Configuration Examples HPE IMC WSM Network Planning Configuration Examples Part number: 5200-1394 Software version: IMC WSM 7.2 (E0502P04) The information in this document is subject to change without notice. Copyright 2016,

More information

HPE Intelligent Management Center v7.3

HPE Intelligent Management Center v7.3 HPE Intelligent Management Center v7.3 Service Operation Manager Administrator Guide Abstract This guide contains comprehensive conceptual information for network administrators and other personnel who

More information

Creating Column Profiles on LDAP Data Objects

Creating Column Profiles on LDAP Data Objects Creating Column Profiles on LDAP Data Objects Copyright Informatica LLC 1993, 2017. Informatica LLC. No part of this document may be reproduced or transmitted in any form, by any means (electronic, photocopying,

More information

Configuring User VPN For Azure

Configuring User VPN For Azure Configuring User VPN For Azure Last updated: April 11, 2017 Aviatrix Systems, Inc. 411 High Street Palo Alto CA 94301 USA http://www.aviatrix.com Tel: +1 844.262.3100 Page 1 of 10 TABLE OF CONTENTS 1 Overview...3

More information

H3C SSL VPN Configuration Examples

H3C SSL VPN Configuration Examples H3C SSL VPN Configuration Examples Keywords: SSL, VPN, HTTPS, Web, TCP, IP Abstract: This document describes characteristics of H3C SSL VPN, details the basic configuration and configuration procedure

More information

IMC VAN Fabric Manager v7.0 (E0201) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

IMC VAN Fabric Manager v7.0 (E0201) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors. IMC VAN Fabric Manager v7.0 (E0201) Copyright (c) 2013-2014 Hewlett-Packard Development Company, L.P. and its licensors. Table of Contents 1. What's New in this Release 2. Problems Fixed in this Release

More information

Secure Access Configuration Guide For Wireless Clients

Secure Access Configuration Guide For Wireless Clients ProCurve Networking Secure Access Configuration Guide For Wireless Clients Secure Access Configuration Guide For Wireless Clients Introduction... 2 Configuration Scenarios... 2 Required Network Services...

More information

Table of Contents X Configuration 1-1

Table of Contents X Configuration 1-1 Table of Contents 1 802.1X Configuration 1-1 802.1X Overview 1-1 Architecture of 802.1X 1-2 Authentication Modes of 802.1X 1-2 Basic Concepts of 802.1X 1-3 EAP over LAN 1-4 EAP over RADIUS 1-5 802.1X Authentication

More information

H3C Intelligent Management Center

H3C Intelligent Management Center H3C Intelligent Management Center TACACS+ Authentication Manager Administrator Guide New H3C Technologies Co., Ltd. http://www.h3c.com.hk Software version: IMC TAM 7.3 (E0501) Document version: 5PW105-20170515

More information

HPE IMC NTA/UBA Cisco Network Traffic Monitoring Through NetFlow Configuration Examples

HPE IMC NTA/UBA Cisco Network Traffic Monitoring Through NetFlow Configuration Examples HPE IMC NTA/UBA Cisco Network Traffic Monitoring Through NetFlow Configuration Examples Part number: 5200-4121 Software version: IMC NTA 7.3 (E0503) Software version: IMC UBA 7.3 (E0503) The information

More information

VMware View (Horizon)

VMware View (Horizon) VMware View (Horizon) Contents 1 Introduction 2 Credits 3 Prerequisites 4 Baseline 5 Architecture 6 Swivel Configuration 6.1 Configuring the RADIUS server 6.2 Setting up the RADIUS NAS 6.3 Enabling Session

More information

Table of Contents X Configuration 1-1

Table of Contents X Configuration 1-1 Table of Contents 1 802.1X Configuration 1-1 802.1X Overview 1-1 Architecture of 802.1X 1-1 Authentication Modes of 802.1X 1-2 Basic Concepts of 802.1X 1-2 EAP over LAN 1-3 EAP over RADIUS 1-5 802.1X Authentication

More information

IMC User Access Manager 7.1 (E0302P15) Copyright (c) 2015 Hewlett-Packard Development Company, L.P. and its licensors.

IMC User Access Manager 7.1 (E0302P15) Copyright (c) 2015 Hewlett-Packard Development Company, L.P. and its licensors. IMC User Access Manager 7.1 (E0302P15) Copyright (c) 2015 Hewlett-Packard Development Company, L.P. and its licensors. Table of Contents 1. What's New in this Release 2. Problems Fixed in this Release

More information

Operation Manual Login and User Interface. Table of Contents

Operation Manual Login and User Interface. Table of Contents Table of Contents Table of Contents Chapter 1 Switch Login... 1-1 1.1 Setting Up Configuration Environment Through the Console Port... 1-1 1.2 Setting Up Configuration Environment Through Telnet... 1-2

More information

Installation Guide. OMi Management Pack for Microsoft Skype for Business Server. Software Version: 1.00

Installation Guide. OMi Management Pack for Microsoft Skype for Business Server. Software Version: 1.00 OMi Management Pack for Microsoft Skype for Business Server Software Version: 1.00 For Operations Manager i for Linux and Windows operating systems Installation Guide Document Release Date: July 2017 Software

More information

Mobility Management Platform from AT&T

Mobility Management Platform from AT&T Quick start guide to Mobility Management Platform from AT&T For the management of AT&T Work Data and AT&T Work Voice https://mmp.att.com Setting up Mobility Management Platform Click the Set password,

More information

Using LifeSize Systems with Microsoft Office Communications Server 2007

Using LifeSize Systems with Microsoft Office Communications Server 2007 Using LifeSize Systems with Microsoft Office Communications Server 2007 This technical note describes the steps to integrate a LifeSize video communications device with Microsoft Office Communication Server

More information

Radius Configuration FSOS

Radius Configuration FSOS FSOS Radius Configuration Contents 1. RADIUS Configuration... 1 1.1 Radius Overview...1 1.1.1 AAA Overview...1 1.1.2 AAA Realization...1 1.1.3 RADIUS Overview...2 1.2 RADIUS Configuration... 3 1.2.1 RADIUS

More information

HPE Intelligent Management Center

HPE Intelligent Management Center HPE Intelligent Management Center VAN Connection Manager Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators who manage the VAN

More information

Overview. ACE Appliance Device Manager Overview CHAPTER

Overview. ACE Appliance Device Manager Overview CHAPTER 1 CHAPTER This section contains the following: ACE Appliance Device Manager, page 1-1 Logging Into ACE Appliance Device Manager, page 1-3 Changing Your Account Password, page 1-4 ACE Appliance Device Manager

More information

Quick Start Guide for Standalone EAP

Quick Start Guide for Standalone EAP Quick Start Guide for Standalone EAP CHAPTERS 1. Determine the Management Method 2. Build the Network Topology 3. Log In to the EAP 4. Edit the SSID 5. Configure and Manage the EAP This guide applies to:

More information

H3C SecBlade NetStream Card Configuration Examples

H3C SecBlade NetStream Card Configuration Examples H3C SecBlade NetStream Card Configuration Examples Copyright 2012 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any

More information

Wireless LAN Controller Web Authentication Configuration Example

Wireless LAN Controller Web Authentication Configuration Example Wireless LAN Controller Web Authentication Configuration Example Document ID: 69340 Contents Introduction Prerequisites Requirements Components Used Conventions Web Authentication Web Authentication Process

More information

Operation Manual AAA RADIUS HWTACACS H3C S5500-EI Series Ethernet Switches. Table of Contents

Operation Manual AAA RADIUS HWTACACS H3C S5500-EI Series Ethernet Switches. Table of Contents Table of Contents Table of Contents... 1-1 1.1 AAA/RADIUS/HWTACACS Over... 1-1 1.1.1 Introduction to AAA... 1-1 1.1.2 Introduction to RADIUS... 1-3 1.1.3 Introduction to HWTACACS... 1-9 1.1.4 Protocols

More information

HP Unified Wired-WLAN Products

HP Unified Wired-WLAN Products HP Unified Wired-WLAN Products Security Command Reference HP 830 Unified Wired-WLAN PoE+ Switch Series HP 850 Unified Wired-WLAN Appliance HP 870 Unified Wired-WLAN Appliance HP 11900/10500/7500 20G Unified

More information

Identity Firewall. About the Identity Firewall

Identity Firewall. About the Identity Firewall This chapter describes how to configure the ASA for the. About the, on page 1 Guidelines for the, on page 7 Prerequisites for the, on page 9 Configure the, on page 10 Monitoring the, on page 16 History

More information

Interfaces for Firepower Threat Defense

Interfaces for Firepower Threat Defense This chapter includes Firepower Threat Defense interface configuration including Ethernet settings, EtherChannels, VLAN subinterfaces, IP addressing, and more. About Firepower Threat Defense Interfaces,

More information

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device Prerequisites An activated MyID account is required to use ResNet s wireless network. If you have not activated your MyID account,

More information

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors HPE Security ArcSight Connectors SmartConnector for Microsoft Windows Event Log Unified Configuration Guide May 16, 2016 SmartConnector for Microsoft Windows Event Log Unified Configuration Guide SmartConnector

More information

NetConnect to GlobalProtect Migration Tech Note PAN-OS 4.1

NetConnect to GlobalProtect Migration Tech Note PAN-OS 4.1 NetConnect to GlobalProtect Migration Tech Note PAN-OS 4.1 Revision A 2011, Palo Alto Networks, Inc. Contents Overview... 3 GlobalProtect Overview... 3 LICENSING... 3 UPGRADE... 3 Understanding the Migrated

More information

ForeScout CounterACT. Configuration Guide. Version 4.3

ForeScout CounterACT. Configuration Guide. Version 4.3 ForeScout CounterACT Authentication Module: RADIUS Plugin Version 4.3 Table of Contents Overview... 4 Understanding the 802.1X Protocol... 4 About the CounterACT RADIUS Plugin... 6 IPv6 Support... 7 About

More information

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors HPE Security ArcSight Connectors SmartConnector for Windows Event Log Unified: Microsoft Network Policy Server Supplemental Configuration Guide March 29, 2013 Supplemental Configuration Guide SmartConnector

More information

Integrating YuJa Enterprise Video Platform with LDAP / Active Directory

Integrating YuJa Enterprise Video Platform with LDAP / Active Directory Integrating YuJa Enterprise Video Platform with LDAP / Active Directory 1. Overview This document is intended to guide users on how to integrate Single Sign-On (SSO) capabilities using LDAP/Active Directory

More information

RSA SecurID Ready with Wireless LAN Controllers and Cisco Secure ACS Configuration Example

RSA SecurID Ready with Wireless LAN Controllers and Cisco Secure ACS Configuration Example RSA SecurID Ready with Wireless LAN Controllers and Cisco Secure ACS Configuration Example Document ID: 100162 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information

More information

ACS 5.x: LDAP Server Configuration Example

ACS 5.x: LDAP Server Configuration Example ACS 5.x: LDAP Server Configuration Example Document ID: 113473 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Directory Service Authentication Using

More information

OMi Management Pack for Microsoft SQL Server. Software Version: For the Operations Manager i for Linux and Windows operating systems.

OMi Management Pack for Microsoft SQL Server. Software Version: For the Operations Manager i for Linux and Windows operating systems. OMi Management Pack for Microsoft Software Version: 1.01 For the Operations Manager i for Linux and Windows operating systems User Guide Document Release Date: April 2017 Software Release Date: December

More information

Configuration of Cisco ACS 5.2 Radius authentication with comware v7 switches 2

Configuration of Cisco ACS 5.2 Radius authentication with comware v7 switches 2 Contents Configuration of Cisco ACS 5.2 Radius authentication with comware v7 switches 2 Network requirements: 2 Networking diagram 2 Configuration steps 2 Cisco ACS 5.2 configuration 4 Verifying the working

More information

Realms and Identity Policies

Realms and Identity Policies The following topics describe realms and identity policies: Introduction:, page 1 Creating a Realm, page 5 Creating an Identity Policy, page 11 Creating an Identity Rule, page 15 Managing Realms, page

More information

Configuring Hybrid REAP

Configuring Hybrid REAP 13 CHAPTER This chapter describes hybrid REAP and explains how to configure this feature on controllers and access points. It contains the following sections: Information About Hybrid REAP, page 13-1,

More information

How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller

How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller Prerequisites: Windows Server 2012 or newer Domain Controller Services running Unifi USG (Pro, XG or 3P) Administrative

More information

Logging in through SNMP from an NMS 22 Overview 22 Configuring SNMP agent 22 NMS login example 24

Logging in through SNMP from an NMS 22 Overview 22 Configuring SNMP agent 22 NMS login example 24 Contents Logging in to the CLI 1 Login methods 1 Logging in through the console or AUX port 2 Introduction 2 Configuration procedure 2 Logging in through Telnet 6 Introduction 6 Logging in to the switch

More information

Table of Contents 1 AAA Overview AAA Configuration 2-1

Table of Contents 1 AAA Overview AAA Configuration 2-1 Table of Contents 1 AAA Overview 1-1 Introduction to AAA 1-1 Authentication 1-1 Authorization 1-1 Accounting 1-2 Introduction to ISP Domain 1-2 Introduction to AAA Services 1-3 Introduction to RADIUS 1-3

More information

HP Intelligent Management Center

HP Intelligent Management Center HP Intelligent Management Center Application Manager Administrator Guide Abstract This guide provides instructions for using IMC Application Manager. It includes information on prerequisites, service monitor

More information

H3C SR6600 Routers DVPN Configuration Example

H3C SR6600 Routers DVPN Configuration Example H3C SR6600 Routers DVPN Configuration Example Keywords: DVPN, VPN, VAM, AAA, IPsec, GRE Abstract: This document describes the DVPN configuration example for the H3C SR6600 Routers Series. Acronyms: Acronym

More information

AirWatch Mobile Device Management

AirWatch Mobile Device Management RSA Ready Implementation Guide for 3rd Party PKI Applications Last Modified: November 26 th, 2014 Partner Information Product Information Partner Name Web Site Product Name Version & Platform Product Description

More information

Using the Management Interfaces

Using the Management Interfaces The following management interfaces are provided for external users and applications: Web User Interface, on page 1 Using Web User Interface for Day One Setup, on page 5 Web User Interface You can access

More information

Obtaining the LDAP Search string (Distinguished Name)?

Obtaining the LDAP Search string (Distinguished Name)? How to Configure LDAP Sync with the Altium Vault Old Content - see latest equivalent Modified by Jason Howie on 31-May-2017 An LDAP Sync allows the administrator of an Altium Vault to leverage the network

More information

Exchange Sync. for Microsoft Dynamics CRM. Installation

Exchange Sync. for Microsoft Dynamics CRM. Installation Exchange Sync for Microsoft Dynamics CRM Installation Contents 1 Introduction 1 About CRM Exchange Sync 2 About Brite Global 3 Installation and Configuration 3 Prerequisites 4 Installation Process 6 Configuration

More information

Aruba Central Switch Configuration

Aruba Central Switch Configuration Aruba Central Switch Configuration User Guide Copyright Information Copyright 2017Hewlett Packard Enterprise Development LP. Open Source Code This product includes code licensed under the GNU General Public

More information

AWS Remote Access VPC Bundle

AWS Remote Access VPC Bundle AWS Remote Access VPC Bundle Deployment Guide Last updated: April 11, 2017 Aviatrix Systems, Inc. 411 High Street Palo Alto CA 94301 USA http://www.aviatrix.com Tel: +1 844.262.3100 Page 1 of 12 TABLE

More information

Certificate Management

Certificate Management Certificate Management This guide provides information on...... Configuring the NotifyMDM server to use a Microsoft Active Directory Certificate Authority... Using Certificates from Outside Sources...

More information

User authentication configuration example 11 Command authorization configuration example 13 Command accounting configuration example 14

User authentication configuration example 11 Command authorization configuration example 13 Command accounting configuration example 14 Contents Logging in to the CLI 1 Login methods 1 Logging in through the console or AUX port 2 Logging in through Telnet 5 Telnetting to the switch 5 Telnetting from the switch to another device 7 Logging

More information

IMC Network Traffic Analyzer 7.3 (E0504) Copyright 2015, 2017 Hewlett Packard Enterprise Development LP

IMC Network Traffic Analyzer 7.3 (E0504) Copyright 2015, 2017 Hewlett Packard Enterprise Development LP Network Traffic Analyzer 7.3 (E0504) Copyright 2015, 2017 Hewlett Packard Enterprise Development LP Table of Contents 1. What's New in this Release 2. Problems Fixed in this Release 3. Software Distribution

More information

Managing External Identity Sources

Managing External Identity Sources CHAPTER 5 The Cisco Identity Services Engine (Cisco ISE) integrates with external identity sources to validate credentials in user authentication functions, and to retrieve group information and other

More information

H3C Firewall and UTM Devices Log Management with IMC Firewall Manager Configuration Examples (Comware V5)

H3C Firewall and UTM Devices Log Management with IMC Firewall Manager Configuration Examples (Comware V5) H3C Firewall and UTM Devices Log Management with IMC Firewall Manager Configuration Examples (Comware V5) Copyright 2015 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual

More information

WHITE PAPER: 802.1X PORT AUTHENTICATION WITH MICROSOFT S ACTIVE DIRECTORY

WHITE PAPER: 802.1X PORT AUTHENTICATION WITH MICROSOFT S ACTIVE DIRECTORY Written By: Philip Kwan March 2003 March 2003 2003 Foundry Networks, Inc. Summary Microsoft s Active Directory service is one of the most popular authentication directories in use today. This white paper

More information

Configuring Role-Based Access Control

Configuring Role-Based Access Control Configuring Role-Based Access Control This chapter includes the following sections: Role-Based Access Control, page 1 User Accounts for Cisco UCS Manager, page 1 User Roles, page 3 Privileges, page 4 User

More information

OneLogin Integration User Guide

OneLogin Integration User Guide OneLogin Integration User Guide Table of Contents OneLogin Account Setup... 2 Create Account with OneLogin... 2 Setup Application with OneLogin... 2 Setup Required in OneLogin: SSO and AD Connector...

More information

HP Operations Orchestration Software

HP Operations Orchestration Software HP Operations Orchestration Software Software Version: 7.51 HP Operations Manager Integration Guide Document Release Date: August 2009 Software Release Date: August 2009 Legal Notices Warranty The only

More information

Obtain the hostname or IP address of Cisco UCS Central. Obtain the shared secret that was configured when Cisco UCS Central was deployed.

Obtain the hostname or IP address of Cisco UCS Central. Obtain the shared secret that was configured when Cisco UCS Central was deployed. Registering Cisco UCS Domains with Cisco UCS Central Registration of Cisco UCS Domains, on page 1 Policy Resolution between Cisco UCS Manager and Cisco UCS Central, on page 1 Registering a Cisco UCS Domain

More information

HP High-End Firewalls

HP High-End Firewalls HP High-End Firewalls Getting Started Guide Part number: 5998-2646 Software version: F1000-A-EI&F1000-S-EI: R3721 F5000: F3210 F1000-E: F3171 Firewall module: F3171 Document version: 6PW101-20120719 Legal

More information

H3C Firewall and UTM Devices L2TP VPN Virtual Firewall Configuration Examples (Comware V5)

H3C Firewall and UTM Devices L2TP VPN Virtual Firewall Configuration Examples (Comware V5) H3C Firewall and UTM Devices L2TP VPN Virtual Firewall Configuration Examples (Comware V5) Copyright 2015 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced

More information

Forescout. Configuration Guide. Version 4.4

Forescout. Configuration Guide. Version 4.4 Forescout Version 4.4 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191

More information

External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House Brunel Road Theale

More information

Registering Cisco UCS Domains with Cisco UCS Central

Registering Cisco UCS Domains with Cisco UCS Central Registering Cisco UCS Domains with Cisco UCS Central This chapter includes the following sections: Registration of Cisco UCS Domains, page 1 Policy Resolution between Cisco UCS Manager and Cisco UCS Central,

More information

Implementing Infoblox Data Connector 2.0

Implementing Infoblox Data Connector 2.0 DEPLOYMENT GUIDE Implementing Infoblox Data Connector 2.0 2017 Infoblox Inc. All rights reserved. Implementing Infoblox Data Connector, July 2017 Page 1 of 31 Contents Overview... 3 Prerequisites... 3

More information

Logging in to the CLI

Logging in to the CLI Contents Logging in to the CLI 1 Login methods 1 Logging in through the console port 2 Introduction 2 Configuration procedure 2 Logging in through the AUX port 5 Configuration prerequisites 5 Configuration

More information

Aruba Central Switch Configuration

Aruba Central Switch Configuration Aruba Central Switch Configuration User Guide Copyright Information Copyright 2016 Hewlett Packard Enterprise Development LP. Open Source Code This product includes code licensed under the GNU General

More information

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8

Setting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8 Setting Up Resources in VMware Identity Manager VMware Identity Manager 2.8 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments

More information

Setting Up Resources in VMware Identity Manager

Setting Up Resources in VMware Identity Manager Setting Up Resources in VMware Identity Manager VMware Identity Manager 2.7 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

Configure 802.1x - PEAP with FreeRadius and WLC 8.3

Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Configure 802.1x - PEAP with FreeRadius and WLC 8.3 Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Install httpd Server and MariaDB Install PHP 7 on CentOS 7

More information

HPE Intelligent Management Center

HPE Intelligent Management Center HPE Intelligent Management Center Branch Intelligent Management System Administrator Guide Abstract This document describes how to administer the HPE IMC Branch Intelligent Management System. Part number:

More information

Table of Contents. VMware AirWatch: Technology Partner Integration

Table of Contents. VMware AirWatch: Technology Partner Integration Table of Contents Lab Overview - HOL-1857-08-UEM - Workspace ONE UEM - Technology Partner Integration... 2 Lab Guidance... 3 Module 1 - F5 Integration with Workspace ONE UEM (30 min)... 9 Introduction...

More information

Configuration Guide. For Managing EAPs via EAP Controller

Configuration Guide. For Managing EAPs via EAP Controller Guide For Managing EAPs via EAP Controller 1910012313 REV1.0.0 December 2017 CONTENTS 1 Overview... 1 2 Configuration... 2 2.1 Managing EAPs in the Same Subnet... 2 2.2 Managing EAPs in Different Subnets...

More information

HP IMC Smart Connect Virtual Appliance Software

HP IMC Smart Connect Virtual Appliance Software Data sheet HP IMC Smart Connect Virtual Appliance Software Key features Identity-based access, advanced device profiling, and real-time traffic quarantining Converged network support with universal policies

More information

HPE Intelligent Management Center

HPE Intelligent Management Center HPE Intelligent Management Center Service Health Manager Administrator Guide Abstract This guide provides introductory, configuration, and usage information for Service Health Manager (SHM). It is for

More information

Configuring CWMP Service

Configuring CWMP Service CHAPTER 12 This chapter describes how to configure the CWMP service in Cisco Broadband Access Center (BAC). Topics covered are:, page 12-1 Configuring Service Ports on the DPE, page 12-2 Disabling Connection

More information

Manage End Users. End User Overview. End User Management Tasks. End User Overview, on page 1 End User Management Tasks, on page 1

Manage End Users. End User Overview. End User Management Tasks. End User Overview, on page 1 End User Management Tasks, on page 1 End User Overview, on page 1 End User Management Tasks, on page 1 End User Overview When administering an up and running system, you may need to make updates to the list of configured end users in your

More information

VMware Identity Manager Administration

VMware Identity Manager Administration VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Table of Contents HOL-1757-MBL-6

Table of Contents HOL-1757-MBL-6 Table of Contents Lab Overview - - VMware AirWatch: Technology Partner Integration... 2 Lab Guidance... 3 Module 1 - F5 Integration with AirWatch (30 min)... 8 Getting Started... 9 F5 BigIP Configuration...

More information