Operating notes

  • Only RADIUS authentication supports the new VSAs. Other authentication types, such as TACACS, are not supported.

  • If the RADIUS server delivers a new VSA to an authenticator switch that does not understand it, the Access-Accept message is accepted and the new VSA is ignored by the switch.

NOTE:

The switch does not support RADIUS security for SNMP (network management) access.

The switch default configuration allows SNMP access to the hpSwitchAuth Management Information Base (MIB). A management station running an SNMP networked device management application can access the switch MIB for read access to the switch status. And read/write access to the switch configuration.

Switches take advantage of vendor-specific attributes (VSAs) applied in a RADIUS server to support the following optional, RADIUS-assigned attributes:
  • 802.1p (CoS) priority assignment to inbound traffic on specified ports (port-access authentication only)

  • Per-Port Rate-Limiting on a port with an active link to an authenticated client (port-access authentication only).