Huawei Quidway S2700 Series Configuration Manual page 52
Hide thumbs
Also See for Quidway S2700 Series:
- Configuration manual (354 pages) ,
- Hardware installation and maintenance manual (183 pages) ,
- Quick start manual (62 pages)
Table of Contents
Advertisement
Quidway S2700 Series Ethernet Switches
Configuration Guide - Security
# Configure the RADIUS template named shiva.
<Quidway> system-view
[Quidway] radius-server template shiva
# Configure the IP addresses and port numbers of the primary RADIUS authentication and
accounting servers.
[Quidway-radius-shiva] radius-server authentication 129.7.66.66 1812
[Quidway-radius-shiva] radius-server accounting 129.7.66.66 1813
# Set the IP addresses and port numbers of the secondary RADIUS authentication and accounting
servers.
[Quidway-radius-shiva] radius-server authentication 129.7.66.67 1812 secondary
[Quidway-radius-shiva] radius-server accounting 129.7.66.67 1813 secondary
# Set the key and retransmission count for the RADIUS server.
[Quidway-radius-shiva] radius-server shared-key cipher hello
[Quidway-radius-shiva] radius-server retransmit 2
[Quidway-radius-shiva] quit
Step 2 Configure the authentication and accounting schemes.
# Configure authentication scheme1, with the authentication mode being RADIUS.
[Quidway] aaa
[Quidway-aaa] authentication-scheme 1
Info: Create a new authentication scheme
[Quidway-aaa-authen-1] authentication-mode radius
[Quidway-aaa-authen-1] quit
# Configure the accounting scheme1, with the accounting mode being RADIUS.
[Quidway-aaa] accounting-scheme 1
Info: Create a new accounting scheme
[Quidway-aaa-accounting-1] accounting-mode radius
[Quidway-aaa-accounting-1] quit
Step 3 Configure the domain huawei and apply authentication scheme1, accounting scheme1, and
RADIUS template shiva to the domain.
[Quidway-aaa] domain huawei
[Quidway-aaa-domain-huawei] authentication-scheme 1
[Quidway-aaa-domain-huawei] accounting-scheme 1
[Quidway-aaa-domain-huawei] radius-server shiva
Step 4 Verify the configuration.
After running the display radius-server configuration template command on Switch B, you
can view that the configuration of the RADIUS server template meets the requirements.
<Quidway> display radius-server configuration template shiva
-------------------------------------------------------------------
Server-template-name
Protocol-version
Traffic-unit
Shared-secret-key
Timeout-interval(in second)
Primary-authentication-server
Primary-accounting-server
Secondary-authentication-server
Secondary-accounting-server
Retransmission
Domain-included
Calling-station-id MAC-format
-------------------------------------------------------------------
----End
Issue 01 (2011-07-15)
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1 AAA and User Management Configuration
:
shiva
:
standard
:
B
:
3MQ*TZ,O3KCQ=^Q`MAF4<1!!
:
5
:
129.7.66.66
:1812
:
129.7.66.66
:1813
:
129.7.66.67
:1812
:
129.7.66.67
:1813
:
2
:
YES
:
XX.XX.XX.XX.XX.XX
LoopBack:NULL
LoopBack:NULL
LoopBack:NULL
LoopBack:NULL
41
Advertisement
Table of Contents
