Configuring A Local Radius Server - H3C S3610 Series Operation Manual
Aaa & radius & hwtacacs
Hide thumbs
Also See for S3610 Series:
- Operation manual (175 pages) ,
- Quick start manual (84 pages) ,
- Command manual (54 pages)
Table of Contents
Advertisement
Operation Manual – AAA & RADIUS & HWTACACS
H3C S3610&S5510 Series Ethernet Switches
Operation
Set the source
IP
used
switch to send
RADIUS
packets
Caution:
Generally, the access users are named in the userid@isp-name format. Where,
isp-name behind the @ character represents the ISP domain name, by which the
device determines which ISP domain it should ascribe the user to. However, some
old RADIUS servers cannot accept the user names that carry ISP domain names. In
this case, it is necessary to remove the domain names carried in the user names
before sending the user names to the RADIUS server. For this reason, the
user-name-format command is designed for you to specify whether or not ISP
domain names are carried in the user names sent to the RADIUS server.
For a RADIUS scheme, if you have specified that no ISP domain names are carried
in the user names, you should not adopt this RADIUS scheme in more than one ISP
domain. Otherwise, such errors may occur: the RADIUS server regards two
different users having the same name but belonging to different ISP domains as the
same user (because the usernames sent to it are the same).
In the default RADIUS scheme "system", no ISP domain names are carried in the
user names by default.
The nas-ip command in RADIUS scheme view only takes effect for the current
RADIUS scheme, while that in system view is for all RADIUS schemes. The former
one takes priority in implementation.
1.4.9 Configuring a Local RADIUS Server
Besides serving as a RADIUS client managing the authentication of users through
authentication/authorization server and accounting server, the device also supports
simple local RADIUS server functions, including authentication, authorization, and
accounting. You can use the following commands to configure the parameters related
to the local RADIUS server.
Command
RADIUS scheme view
address
nas-ip ip-address
by
the
System view
radius nas-ip ip-address
Chapter 1 AAA & RADIUS & HWTACAC
Optional
By default, no source IP
address is specified; and the IP
address
interface is used as the source
IP address.
1-32
S Configuration
Description
of
the
outbound
Advertisement
Table of Contents
