H3C S5500-EI Series Security Configuration Manual page 72
Hide thumbs
Also See for S5500-EI Series:
- Operation manual (1529 pages) ,
- Configuration manual (490 pages) ,
- Quick start manual (91 pages)
Table of Contents
Advertisement
Network requirements
As shown in
authorization, and to include the domain name in a username sent to the RADIUS server.
Configure CAMS or IMC to act as the RADIUS server, add an account with the username hello@bbb on
the RADIUS server, and configure the RADIUS server to assign the privilege level of 3 to the user after the
user passes authentication.
Set the shared keys for secure RADIUS communication to expert.
Figure 13 Network diagram
Configuring the RADIUS server
This example assumes that the RADIUS server runs on IMC PLAT 5.0 (E0101) and IMC UAM 5.0 (E0101).
Add the switch to IMC as an access device:
1.
Log in to IMC, click the Service tab, and select User Access Manager > Access Device from the
a.
navigation tree.
Click Add.
b.
Configure the following parameters:
c.
Set the shared key for secure authentication and accounting communication to expert.
Specify the ports for authentication and accounting as 1812 and 1813, respectively.
Select Device Management Service as the service type.
Select H3C as the access device type.
Select the switch from the device list or manually add the switch with the IP address of
10.1.1.2.
Click OK.
d.
NOTE:
The IP address of the access device specified here must be the same as the source IP address of the RADIUS
packets sent from the switch, which is the IP address of the outbound interface by default, or otherwise the
IP address specified with the nas-ip or radius nas-ip command on the switch.
Figure
13, configure the switch to use the RADIUS server for SSH user authentication and
53
Advertisement
Table of Contents
Troubleshooting
