Aaa Configuration Considerations And Task List - HPE FlexNetwork 5510 HI Series Security Configuration Manual

AAA configuration considerations and task list

To configure AAA, complete the following tasks on the NAS:
1. Configure the required AAA schemes.
Local authentication—Configure local users and the related attributes, including the

usernames and passwords, for the users to be authenticated.
Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP

schemes.
2. Configure AAA methods for the users' ISP domains. To use remote AAA methods, you must
specify the configured RADIUS, HWTACACS, or LDAP schemes in the ISP domains.
Figure 10 AAA configuration procedure
No AAA
To configure AAA, perform the following tasks:
Tasks at a glance
(Required.) Perform at least one of the following tasks to configure local users or AAA schemes:
•
Configuring local users
•
Configuring RADIUS schemes
•
Configuring HWTACACS schemes
•
Configuring LDAP schemes
(Required.) Configure AAA methods for ISP domains:
1. (Required.)
2. (Optional.)
3. (Required.) Perform at least one of the following tasks to configure AAA authentication, authorization,
and accounting methods for the ISP domain:
Configuring authentication methods for an ISP domain

Configuring authorization methods for an ISP domain

Configuring accounting methods for an ISP domain

(Optional.)
(Optional.)
(Optional.)
Local AAA
Configure local users and related
attributes
Create an ISP domain
and enter ISP domain
view
Configure the RADIUS, HWTACACS,
or LDAP schemes to be used
Remote AAA
Creating an ISP domain
Configuring ISP domain attributes
Enabling the session-control feature
Setting the maximum number of concurrent login users
Configuring a NAS-ID profile
Configure AAA methods for
different types of users or/and
the default methods for all
types of users
Authentication method
+
Authorization method
+
Accounting method
17
none/ local (the default)/scheme
none/ local (the default)/scheme
none/ local (the default)/scheme