Aaa & Radius & Hwtacacs Configuration Example; Remote Radius Authentication Of Telnet/Ssh Users - H3C S3100-52P Operation Manual
Aaa - radius - hwtacacs
Hide thumbs
Also See for S3100-52P:
- Operation manual (955 pages) ,
- Command manual (55 pages) ,
- Installation manual (54 pages)
Table of Contents
Advertisement
Operation Manual – AAA – RADIUS – HWTACACS
H3C S3100-52P Ethernet Switch
Clear
message statistics
Delete
non-response
stop-accounting requests
1.7 AAA & RADIUS & HWTACACS Configuration Example
1.7.1 Remote RADIUS Authentication of Telnet/SSH Users
Note:
The configuration procedure for remote authentication of SSH users by RADIUS server
is similar to that for Telnet users. The following text only takes Telnet users as example
to describe the configuration procedure for remote authentication.
I. Network requirements
In the network environment shown in Figure 1-7, you are required to configure the
switch so that the Telnet users logging into the switch are authenticated by the RADIUS
server.
A RADIUS server with IP address 10.110.91.164 is connected to the switch. This
server will be used as the authentication server.
On the switch, set the shared key it uses to exchange messages with the
authentication RADIUS server to "expert".
You can use a CAMS server as the RADIUS server. You can select standard or
extended as the server-type in a RADIUS scheme.
On the RADIUS server:
Set the shared key it uses to exchange messages with the switch to "expert".
Set the authentication port number.
Add Telnet user names and login passwords.
Operation
reset
HWTACACS
statistics { accounting |
authentication
authorization | all }
reset
stop-accounting-buffer
{
buffered
hwtacacs-scheme-name |
session-id session-id |
time-range
stop-time
user-name }
Chapter 1 AAA & RADIUS & HWTACACS
Command
hwtacacs
|
hwtacacs-scheme
start-time
|
user-name
1-41
Configuration
Description
You can execute the
reset command in user
view.
Advertisement
Table of Contents
