3Com S7906E Configuration Manual page 1835

features high speed and low cost, but the amount of information that can be stored is limited by the
hardware.
Remote authentication (scheme): The access device cooperates with a RADIUS, or HWTACACS
server to authenticate users. As for RADIUS, the device can use the standard RADIUS protocol or
extended RADIUS protocol in collaboration with systems like iMC to implement user authentication.
Remote authentication features centralized information management, high capacity, high reliability,
and support for centralized authentication for multiple devices. You can configure local
authentication as the backup method to be used when the remote server is not available.
You can configure AAA authentication to work alone without authorization and accounting. By default,
an ISP domain uses the local authentication method.
Before configuring authentication methods, complete these three tasks:
For RADIUS, or HWTACACS authentication, configure the RADIUS, or HWTACACS scheme to be
referenced first. The local and none authentication methods do not require any scheme.
Determine the access mode or service type to be configured. With AAA, you can configure an
authentication method specifically for each access mode and service type, limiting the
authentication protocols that can be used for access.
Determine whether to configure an authentication method for all access modes or service types.
Follow these steps to configure AAA authentication methods for an ISP domain:
To do...
Enter system view
Enter ISP domain view
Specify the default
authentication method for all
types of users
Specify the authentication
method for LAN users
Specify the authentication
method for login users
Specify the authentication
method for portal users
Specify the authentication
method for privilege level
switching
Use the command...
system-view
domain isp-name
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name [ local ] }
authentication lan-access
{ local | none | radius-scheme
radius-scheme-name [ local ] }
authentication login
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name [ local ] }
authentication portal { local |
none | radius-scheme
radius-scheme-name [ local ] }
authentication super
{ hwtacacs-scheme
hwtacacs-scheme-name |
radius-scheme
radius-scheme-name }
1-16
Remarks
—
—
Optional
local by default
Optional
The default authentication
method is used by default.
Optional
The default authentication
method is used by default.
Optional
The default authentication
method is used by default.
Optional
The default authentication
method is used by default.