Aaa And Radius Protocol Configuration; Radius Protocol Overview - 3Com 5500-SI Configuration Manual
5500 series
Hide thumbs
Also See for 5500-SI:
- Datasheet (9 pages) ,
- Getting started manual (148 pages) ,
- Quick reference manual (59 pages)
Table of Contents
Advertisement
AAA and RADIUS
Protocol
Configuration
RADIUS Protocol
Overview
2 Add local access user.
a Set the user name and password.
[SW5500]local-user 00e0fc010101
[SW5500-luser-00e0fc010101]password simple 00e0fc010101
b Set the service type of the user to lan-access.
[SW5500-luser-00e0fc010101]service-type lan-access
3 Enable the MAC address authentication globally.
[SW5500]mac-authentication
4 Configure the ISP domain used by the user.
[SW5500]mac-authentication domain 3com163.net
For the configuration of the domain 3com163.net, see "802.1x Configuration
Example" on page 403.
Authentication, Authorization and Accounting (AAA) provide a uniform framework
used for configuring these three security functions to implement the network security
management.
The network security mentioned here refers to access control and it includes:
Which user can access the network server?
■
Which service can the authorized user enjoy?
■
How to keep accounts for the user who is using the network resource?
■
Accordingly, AAA provides the following services:
Authentication: authenticates if the user can access the network server.
■
Authorization: authorizes the user with specified services.
■
Accounting: traces network resources consumed by the user.
■
As mentioned above, AAA is a management framework, so it can be implemented by
some protocols. RADIUS is such a protocol that is frequently used.
What is RADIUS?
Remote Authentication Dial-In User Service, RADIUS for short, is a type of distributed
information switching protocol in Client/Server architecture. RADIUS can prevent the
network from interruption of unauthorized access and it is often used in the network
environments requiring both high security and remote user access. For example, it is
often used for managing a large number of scattering dial-in users who use serial
ports and modems. RADIUS system is the important auxiliary part of Network Access
Server (NAS).
After RADIUS system is started, if the user wants to have the right to access other
networks or consume some network resources through connection to NAS (dial-in
access server in PSTN environment or a Switch with the access function in an Ethernet
environment), NAS, namely RADIUS client end, will transmit user AAA request to the
RADIUS server. A RADIUS server has a user database recording all the information of
user authentication and network service access. When receiving a user's request from
NAS, the RADIUS server performs AAA through user database query and update and
AAA and RADIUS Protocol Configuration 409
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
