Aaa For Telnet Users By Separate Servers - HP A5830 Series Configuration Manual
Security switch
Hide thumbs
Also See for A5830 Series:
- Command reference manual (249 pages) ,
- Configuration manual (246 pages) ,
- Configuration manual (152 pages)
Table of Contents
Advertisement
Verify the configuration.
2.
Telnet to the switch as a user, and enter the correct username and password. You pass authentication
and log in to the switch. By issuing the display connection command on the switch, you can see
information about the user connection.
AAA for Telnet users by separate servers
Network requirements
As shown in
and RADIUS accounting services for Telnet users. Set the shared keys for packet exchange with the
HWTACACS server and the RADIUS server to expert. Configure the switch to remove the domain name
from a username before sending the username to the servers.
Figure 11 Configure AAA by separate servers for Telnet users
Configuration procedure
Configure the switch.
1.
# Assign IP addresses to interfaces. (Details not shown)
# Enable the Telnet server on the switch.
<Switch> system-view
[Switch] telnet server enable
# Configure the switch to use AAA for Telnet users.
[Switch] user-interface vty 0 4
[Switch-ui-vty0-4] authentication-mode scheme
[Switch-ui-vty0-4] quit
# Configure the HWTACACS scheme.
[Switch] hwtacacs scheme hwtac
[Switch-hwtacacs-hwtac] primary authorization 10.1.1.2 49
[Switch-hwtacacs-hwtac] key authorization expert
[Switch-hwtacacs-hwtac] user-name-format without-domain
[Switch-hwtacacs-hwtac] quit
# Configure the RADIUS scheme.
[Switch] radius scheme rd
[Switch-radius-rd] primary accounting 10.1.1.1 1813
[Switch-radius-rd] key accounting expert
[Switch-radius-rd] server-type extended
Figure
11, configure the switch to provide local authentication, HWTACACS authorization,
46
Advertisement
Table of Contents
Troubleshooting
