3Com Switch 4800G 24-Port Configuration Manual page 761
Switch 4800g family 24-port, pwr 24-port, 48-port, pwr 48-port, 24-port sfp
Hide thumbs
Also See for Switch 4800G 24-Port:
- Product manual (13 pages) ,
- Datasheet (8 pages) ,
- Configuration manual (27 pages)
Table of Contents
Advertisement
Before configuring an authorization scheme, complete these three tasks:
1 For HWTACACS authorization, configure the HWTACACS scheme to be
referenced first. For RADIUS authorization, the RADIUS authorization scheme must
be same as the RADIUS authentication scheme; otherwise, it does not take effect.
2 Determine the access mode or service type to be configured. With AAA, you can
configure an authorization scheme specifically for each access mode and service
type, limiting the authorization protocols that can be used for access.
3 Determine whether to configure an authorization scheme for all access modes or
service types.
Follow these steps to configure an AAA authorization scheme for an ISP domain:
To do...
Enter system view
Create an ISP domain and
enter ISP domain view
Specify the default
authorization scheme for all
types of users
Specify the authorization
scheme for command line
users
Specify the authorization
scheme for LAN access users
Specify the authorization
scheme for login users
n
The authorization scheme specified with the authorization default command
■
is for all types of users and has a priority lower than that for a specific access
mode.
RADIUS authorization is special in that it takes effect only when the RADIUS
■
authorization scheme is the same as the RADIUS authentication scheme. In
addition, if a RADIUS authorization fails, the error message returned to the
NAS says that the server is not responding.
With the radius-scheme radius-scheme-name local or hwtacacs-scheme
■
hwtacacs-scheme-name local keyword and argument combination configured,
the local scheme is the backup scheme and is used only when the RADIUS
server or TACACS server is not available.
Use the command...
system-view
domain isp-name
authorization default
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
authorization command
hwtacacs-scheme
hwtacacs-scheme-name
authorization lan-access
{ local | none |
radius-scheme
radius-scheme-name
[ local ] }
authorization login
{ hwtacacs-scheme
hwtacacs-scheme-name
[ local ] | local | none |
radius-scheme
radius-scheme-name
[ local ] }
Configuring AAA
761
Remarks
-
Required
Optional
local by default
Optional
The default authorization
scheme is used by default.
Optional
The default authorization
scheme is used by default.
Optional
The default authorization
scheme is used by default.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
