Aaa For Telnet Users By Separate Servers - HP 3600 v2 Series Security Configuration Manual
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (449 pages) ,
- Installation manual (62 pages)
Table of Contents
Advertisement
[Switch-hwtacacs-hwtac] key accounting simple expert
# Configure the scheme to remove the domain name from a username before sending the username to
the HWTACACS server.
[Switch-hwtacacs-hwtac] user-name-format without-domain
[Switch-hwtacacs-hwtac] quit
# Configure the AAA methods for the domain.
[Switch] domain bbb
[Switch-isp-bbb] authentication login hwtacacs-scheme hwtac
[Switch-isp-bbb] authorization login hwtacacs-scheme hwtac
[Switch-isp-bbb] accounting login hwtacacs-scheme hwtac
[Switch-isp-bbb] quit
Verify the configuration
2.
Telnet to the switch as a user and enter the correct username and password. You pass authentication and
log in to the switch. Issuing the display connection command on the switch, you can see information
about the user connection.
AAA for Telnet users by separate servers
Network requirements
As shown in
and RADIUS accounting services for Telnet users. Set the shared keys for secure communication with the
HWTACACS server and the RADIUS server to expert. Configure the switch to remove the domain name
from a username before sending the username to the servers.
Figure 12 Network diagram
Configuration procedure
Configure the switch
1.
# Assign IP addresses to interfaces. (Details not shown)
# Enable the Telnet server on the switch.
<Switch> system-view
[Switch] telnet server enable
# Configure the switch to use AAA for Telnet users.
[Switch] user-interface vty 0 4
[Switch-ui-vty0-4] authentication-mode scheme
[Switch-ui-vty0-4] quit
Figure
12, configure the switch to provide local authentication, HWTACACS authorization,
50
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
