Configuring Tacacs+ Server Authentication/Accounting - 3Com 3C13636 Configuration Manual

Router 3000 ethernet family

Hide thumbs Also See for 3C13636:

Table of Contents

3Com Router 3000 Ethernet Family

Configuration Guide

[3Com-Serial0/0/0] ip address 188.188.188.2 255.255.255.0

[3Com-Serial0/0/0] remote address pool 1

# Configure the Ethernet interface.

[3Com-Serial0/0/0] interface ethernet 1/0/0

[3Com-ethernet1/0/0] ip address 10.110.91.160 255.255.255.0

In addition, you must configure the shared key for packets between the RADIUS or

TACACS server and the router on the RADIUS and TACACS server respectively, and

add the PPP user name and password. The related configuration is omitted here.

2.6.5 Configuring TACACS+ Server Authentication/Accounting

I. Network requirements

As shown in Figure 2-11, one TACACS+ server with IP address 10.110.91.146, serving

the purposes of authentication, authentication, and accounting servers, is connected to

authentication/accounting service to users that telnet to the router, do the following:

Set the shared keys for packet exchange with the authentication, authorization,

and accounting servers to expert.

Add a fully qualified username, test@tacacs for example, for Telnet users on the

TACACS+ server. (As The TACACS+ server provides one-time password

authentication, so the router sends fully qualified usernames to the server. )

II. Network diagram

Figure 2-11 Configure remote TACACS+ authentication for the Telnet user

III. Configuration procedure

Configure the router

# Configure Telnet users to use AAA authentication.

Authentication/accounting servers

( IP address:10.110.91.146 )

3Com Corporation

Chapter 2 AAA and RADIUS/HWTACACS Protocol

Configuration

Table of Contents

3c13636-us - router 3036 3000 series