HP 3600 v2 Series Configuration Manual page 75
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (441 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
[SwitchA-ui-vty0-4] authentication-mode scheme
[SwitchA-ui-vty0-4] quit
# Create RADIUS scheme rad.
[SwitchA] radius scheme rad
# Specify the IP address for the primary authentication server as 10.1.1.2, the port for
authentication as 1645, and the shared key for secure authentication communication as abc.
[SwitchA-radius-rad] primary authentication 10.1.1.2 1645 key abc
# Configure the scheme to remove the domain name from a username before sending the
username to the RADIUS server.
[SwitchA-radius-rad] user-name-format without-domain
# Set the source IP address for RADIUS packets as 10.1.1.1.
[SwitchA-radius-rad] nas-ip 10.1.1.1
[SwitchA-radius-rad] quit
# Create ISP domain bbb.
[SwitchA] domain bbb
# Specify the authentication method for Telnet users as rad.
[SwitchA-isp-bbb] authentication login radius-scheme rad
# Specify the authorization method for Telnet users as rad.
[SwitchA-isp-bbb] authorization login radius-scheme rad
# Specify the accounting method for Telnet users as none.
[SwitchA-isp-bbb] accounting login none
# Configure the RADIUS server type as standard. When a switch is configured to serve as a
RADIUS server, the server type must be set to standard.
[SwitchA-isp-bbb] server-type standard
[SwitchA-isp-bbb] quit
# Configure bbb as the default ISP domain. Then, if a user enters a username without any ISP
domain at login, the authentication and accounting methods of the default domain is used for the
user.
[SwitchA] domain default enable bbb
3.
Configure the RADIUS server:
# Create RADIUS user aaa and enter its view.
<SwitchB> system-view
[SwitchB] radius-server user aaa
# Configure plaintext password aabbcc for user aaa.
[SwitchB-rdsuser-aaa] password simple aabbcc
[SwitchB-rdsuser-aaa] quit
# Specify the IP address of the RADIUS client as 10.1.1.1 and the plaintext shared key as abc.
[SwitchB] radius-server client-ip 10.1.1.1 key simple abc
4.
Verify the configuration:
After entering username aaa@bbb or aaa and password aabbcc, user aaa can telnet to Switch A.
Use the display connection command to view the connection information on Switch A.
<SwitchA> display connection
Index=1
,Username=aaa@bbb
IP=192.168.1.2
62
Advertisement
Table of Contents
Troubleshooting
