Configuring Accounting Methods For An Isp Domain - HP VSR1000 Security Configuration Manual
Virtual services router
Hide thumbs
Also See for VSR1000:
- Configuration manual (463 pages) ,
- High availability configuration manual (91 pages) ,
- Layer 2 - wan access command reference (50 pages)
Table of Contents
Advertisement
Configuration guidelines
When configuring authorization methods, follow these guidelines:
•
The device supports HWTACACS authorization but not LDAP authorization.
To use a RADIUS scheme as the authorization method, reference the same RADIUS scheme that is
•
configured as the authentication method for the ISP domain. If an invalid RADIUS scheme is
specified as the authorization method, RADIUS authentication and authorization fail.
Configuration procedure
To configure authorization methods for an ISP domain:
Step
1.
Enter system view.
2.
Enter ISP domain view.
3.
Specify the default
authorization method for
all types of users.
4.
Specify the command
authorization method.
5.
Specify the authorization
method for login users.
6.
Specify the authorization
method for portal users.
7.
Specify the authorization
method for PPP users.
Configuring accounting methods for an ISP domain
Configuration prerequisites
Before configuring accounting methods, complete the following tasks:
Command
system-view
domain isp-name
authorization default { hwtacacs-scheme
hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] |
local [ none ] | none | radius-scheme
radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
authorization command { hwtacacs-scheme
hwtacacs-scheme-name [ local [ none ] |
local [ none ] | none }
authorization login { hwtacacs-scheme
hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] |
local [ none ] | none | radius-scheme
radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
authorization portal { local [ none ] | none
| radius-scheme radius-scheme-name
[ local ] [ none ] }
authorization ppp { hwtacacs-scheme
hwtacacs-scheme-name [ radius-scheme
radius-scheme-name ] [ local ] [ none ] |
local [ none ] | none | radius-scheme
radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
47
Remarks
N/A
N/A
By default, the authorization
method is local.
The none keyword is not
supported in FIPS mode.
By default, the default
authorization method is used
for command authorization.
The none keyword is not
supported in FIPS mode.
By default, the default
authorization method is used
for login users.
The none keyword is not
supported in FIPS mode.
By default, the default
authorization method is used
for portal users.
The none keyword is not
supported in FIPS mode.
By default, the default
authorization method is used
for PPP users.
The none keyword is not
supported in FIPS mode.
- Quick Links:
- Configuring the Device as an Ssh...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
