3Com 7757 Configuration Manual page 538

538 C 49: AAA & RADIUS & HWTACACS C
HAPTER ONFIGURATION
A RADIUS server with IP address 10.1.1.1 is connected to the switch. This
■
server will be used as the authentication server.
On the switch, set the shared key that is used to exchange packets with the
■
authentication RADIUS server to "expert".
You can use a CAMS server as the RADIUS server. If you use a third-party RADIUS
server, you can select standard or extended as the server type in the RADIUS
scheme.
On the RADIUS server:
Set the shared key it uses to exchange packets with the switch to "expert".
■
Set the port number for authentication.
■
Add Telnet user names and login passwords.
■
The Telnet user name added to the RADIUS server must be in the format of
userid@isp-name if you have configure the switch to include domain names in the
user names to be sent to the RADIUS server.
Network diagram
Figure 133 Remote RADIUS authentication of Telnet users
Telnet user
Configuration procedure
# Enter system view.
<SW7750> system-view
[SW7750]
# Adopt AAA authentication for Telnet users.
[SW7750] user-interface vty 0 4
[SW7750-ui-vty0-4] authentication-mode scheme
# Configure an ISP domain.
[SW7750] domain cams
[SW7750-isp-cams] access-limit enable 10
[SW7750-isp-cams] quit
# Configure a RADIUS scheme.
[SW7750] radius scheme cams
[SW7750-radius-cams] accounting optional
[SW7750-radius-cams] primary authentication 10.1.1.1 1812
Authentication servers
10.1.1.1/24
Internet