93
AAA/RADIUS/HWTAC
ACS Configuration
Overview
Introduction to AAA
AAA/RADIUS/HWTACACS
C
ONFIGURATION
When configuring AAA/RADIUS/HWTACACS, go to these sections for information
you are interested in:
"AAA/RADIUS/HWTACACS Configuration Overview" on page 1751
■
"AAA/RADIUS/HWTACACS Configuration Task List" on page 1760
■
"Configuring AAA" on page 1761
■
"Configuring RADIUS" on page 1769
■
"Configuring HWTACACS" on page 1777
■
"Displaying and Maintaining AAA/RADIUS/HWTACACS" on page 1780
■
"AAA/RADIUS/HWTACACS Configuration Example" on page 1781
■
"Troubleshooting AAA/RADIUS/HWTACACS" on page 1786
■
This section covers these topics:
"Introduction to AAA" on page 1751
■
"Introduction to ISP Domain" on page 1752
■
"Introduction to RADIUS" on page 1753
■
"Introduction to HWTACACS" on page 1757
■
Authentication, authorization, and accounting (AAA) provides a uniform
framework for configuring these three security functions to implement the
network security management.
The network security mentioned here refers to access control and includes these
problems:
Which users can access the network servers?
■
Which services can the authorized users enjoy?
■
How to keep accounts for users using the network resources?
■
Accordingly, AAA provides the following services:
Authentication
AAA supports the following authentication methods:
None authentication: All users are trusted and no authentication is performed.
■
Generally, this method is not recommended.
Local authentication: User information (including username, password, and
■
attributes) is configured on the device. Local authentication features high