Verifying The Configuration; Local Authentication And Authorization For Ssh Users; Network Requirements; Configuration Procedure - HP MSR2000 Configuration Manual
Hide thumbs
Also See for MSR2000:
- Configuration manual (455 pages) ,
- Manual (73 pages) ,
- High availability configuration manual (91 pages)
Table of Contents
Advertisement
[Router] role default-role enable
# Create a RADIUS scheme.
[Router] radius scheme rad
# Specify the primary authentication server.
[Router-radius-rad] primary authentication 10.1.1.1 1812
# Set the shared key for secure communication with the server to expert in plain text.
[Router-radius-rad] key authentication simple expert
# Include the domain names in usernames sent to the RADIUS server.
[Router-radius-rad] user-name-format with-domain
[Router-radius-rad] quit
# Create ISP domain bbb and configure authentication/authorization methods for login users.
NOTE:
Because RADIUS user authorization information is piggybacked in authentication responses, the
authentication and authorization methods must use the same RADIUS scheme.
[Router] domain bbb
[Router-isp-bbb] authentication login radius-scheme rad
[Router-isp-bbb] authorization login radius-scheme rad
[Router-isp-bbb] quit
Verifying the configuration
When the user initiates an SSH connection to the router and enter the username hello@bbb and the
correct password, the user successfully logs in and can use the commands for the network-operator user
role.
Local authentication and authorization for SSH
users
Network requirements
As shown in
users and assign the network-admin user role to SSH users after they pass authentication.
Figure 13 Network diagram
Configuration procedure
# Assign an IP address to interface Ethernet 1/1, the SSH user access interface.
Figure
13, configure the router to perform local authentication and authorization for SSH
44
Advertisement
Table of Contents
Troubleshooting
