Displaying And Maintaining Aaa; Aaa Configuration Examples; Aaa For Ssh Users By An Hwtacacs Server - HPE FlexNetwork 5510 HI Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Mpls configuration manual (505 pages) ,
- Layer 3 - ip routing configuration manual (486 pages)
Table of Contents
Advertisement
Step
1.
Enter system view.
2.
Create a NAS-ID profile
and enter NAS-ID profile
view.
3.
Configure a NAS-ID and
VLAN
profile.
Displaying and maintaining AAA
Execute display commands in any view.
Task
Display the configuration of ISP domains.
AAA configuration examples
AAA for SSH users by an HWTACACS server
Network requirements
As shown in
•
Use the HWTACACS server for SSH user authentication, authorization, and accounting.
•
Assign the default user role network-operator to SSH users after they pass authentication.
•
Exclude domain names from the usernames sent to the HWTACACS server.
•
Use expert as the shared keys for secure HWTACACS communication.
Figure 11 Network diagram
SSH user
Configuration procedure
1.
Configure the HWTACACS server:
# Set the shared keys for secure communication with the switch to expert. (Details not shown.)
# Add user account hello for the SSH user and specify the password. (Details not shown.)
2.
Configure the switch:
# Configure IP addresses for interfaces. (Details not shown.)
Command
system-view
aaa nas-id profile profile-name
binding
in
the
nas-id nas-identifier bind vlan vlan-id
Figure
11, configure the switch to meet the following requirements:
HWTACACS server
10.1.1.1/24
Switch
Command
display domain [ isp-name ]
Internet
49
Remarks
N/A
N/A
By default, no NAS-ID and VLAN
binding exists.
- Quick Links:
- Radius
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
