HP FlexFabric 5700 Series Security Configuration Manual page 29

1. Configure the required AAA schemes.
Local authentication—Configure local users and the related attributes, including the usernames
and passwords, for the users to be authenticated.
Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP schemes.
2. Configure AAA methods for the users' ISP domains. To use remote AAA methods, you must specify
the configured RADIUS, HWTACACS, or LDAP schemes in ISP domain view.
Figure 9 AAA configuration procedure
Configure local users and related
Create an ISP domain
No AAA and enter ISP domain
Configure the RADIUS, HWTACACS,
or LDAP schemes to be used
Remote AAA
To configure AAA, perform the following tasks:
Tasks at a glance
(Required.) Perform at least one of the following tasks to configure local users or AAA schemes:
•
Configuring local users
•
Configuring RADIUS schemes
•
Configuring HWTACACS schemes
•
Configuring LDAP schemes
(Required.) Configure AAA methods for ISP domains:
1. (Required.) Creating an ISP domain
2. (Optional.) Configuring ISP domain attributes
3. (Required.) Perform at least one of the following tasks to configure AAA authentication, authorization, and
accounting methods for the ISP domain:
Configuring authentication methods for an ISP domain
Configuring authorization methods for an ISP domain
Configuring accounting methods for an ISP domain
(Optional.) Enabling the session-control feature
(Optional.) Setting the maximum number of concurrent login users
(Optional.) Configuring a NAS-ID profile
Local AAA
Configure AAA methods for
different types of users or/and
the default methods for all
attributes
types of users
view
17
Authentication method
+
Authorization method
+
Accounting method
none/ local (the default)/scheme
none/ local (the default)/scheme
none/ local (the default)/scheme