1. Manuals
  2. Brands
  3. HP Manuals
  4. Network Router
  5. MSR2000 Series
  6. Configuration manual

Configuring Authorization Methods For An Isp Domain - HP MSR2000 Configuration Manual

Hide thumbs Also See for MSR2000:
Table of Contents

Advertisement

Step
1.
Enter system view.
2.
Enter ISP domain view.
3.
Specify the default
authentication method for
all types of users.
4.
Specify the authentication
method for LAN users.
5.
Specify the authentication
method for login users.
6.
Specify the authentication
method for PPP users.
7.
Specify the method for
obtaining a temporary
user role.

Configuring authorization methods for an ISP domain

Configuration prerequisites
Before configuring authorization methods, complete the following tasks:
1.
For HWTACACS authorization, configure the HWTACACS scheme to be referenced.
2.
Determine the access type or service type to be configured. With AAA, you can configure an
authorization scheme for each access type and service type.
3.
Determine whether to configure the default authorization method for all access types or service
types. The default authorization method applies to all access users, but it has a lower priority than
the authorization method that is specified for an access type or service type.
Configuration guidelines
When configuring authorization methods, follow these guidelines:
To configure RADIUS authorization, also configure RADIUS authentication, and reference the same
RADIUS scheme for RADIUS authentication and authorization. If the RADIUS authorization
configuration is invalid or RADIUS authorization fails, the RADIUS authentication also fails.
Command
system-view
domain isp-name
authentication default { hwtacacs-scheme
hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] | local
[ none ] | none | radius-scheme
radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
authentication lan-access { local [ none ] | none
| radius-scheme radius-scheme-name [ local ]
[ none ] }
authentication login { hwtacacs-scheme
hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] | local
[ none ] | none | radius-scheme
radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
authentication ppp { local [ none ] | none |
radius-scheme radius-scheme-name [ local ]
[ none ] }
authentication super { hwtacacs-scheme
hwtacacs-scheme-name | radius-scheme
radius-scheme-name } *
37
Remarks
N/A
N/A
By default, the default
authentication method is
local.
The none keyword is not
supported in FIPS mode.
By default, the default
authentication method is
used for LAN users.
The none keyword is not
supported in FIPS mode.
By default, the default
authentication method is
used for login users.
The none keyword is not
supported in FIPS mode.
By default, the default
authentication method is
used for PPP users.
The none keyword is not
supported in FIPS mode.
By default, the default
authentication method is
used for obtaining a
temporary user role.

Advertisement

Table of Contents
loading

Related Manuals for HP MSR2000

Related Content for HP MSR2000

This manual is also suitable for:

Msr3000Msr4000

Table of Contents