H3C S5600 Series Operation Manual page 649
Hide thumbs
Also See for H3C S5600 Series:
- Operation manual (1218 pages) ,
- Configuration (313 pages) ,
- Operation manual (11 pages)
Table of Contents
Advertisement
Operation Manual – AAA
H3C S5600 Series Ethernet Switches
I. Network requirements
In the network environment shown in
switch so that the Telnet users logging into the switch are authenticated by the RADIUS
server.
A RADIUS authentication server with IP address 10.110.91.164 is connected to
the switch.
On the switch, set the shared key it uses to exchange messages with the
authentication RADIUS server to aabbcc.
A CAMS server is used as the RADIUS server. You can select extended as the
server-type in a RADIUS scheme.
On the RADIUS server, set the shared key it uses to exchange messages with the
switch to aabbcc, set the authentication port number, and add Telnet usernames
and login passwords.
The Telnet usernames added to the RADIUS server must be in the format of
userid@isp-name if you have configured the switch to include domain names in the
usernames to be sent to the RADIUS server in the RADIUS scheme.
II. Network diagram
Telnet user
Figure 2-1 Remote RADIUS authentication of Telnet users
III. Configuration procedure
# Enter system view.
<Sysname> system-view
# Adopt AAA authentication for Telnet users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] authentication-mode scheme
[Sysname-ui-vty0-4] quit
# Configure an ISP domain.
[Sysname] domain cams
[Sysname-isp-cams] access-limit enable 10
Figure
2-1, you are required to configure the
RADIUS server
10.110.91.164/16
Internet
2-34
Chapter 2 AAA Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
