Operation Manual – AAA & RADIUS & HWTACACS & EAD
Quidway S3900 Series Ethernet Switches-Release 1510
1.3 AAA Configuration
The goal of AAA configuration is to protect network devices against unauthorized
access and at the same time provide network access services to authorized users. If
you need to use ISP domains to implement AAA management on access users, you
need to configure the ISP domains.
1.3.1 Configuration Prerequisites
If you want to adopt remote AAA method, you must create a RADIUS or HWTACACS
scheme.
RADIUS scheme (radius-scheme): You can reference a configured RADIUS
scheme to implement AAA services. For the configuration of RADIUS scheme,
refer to section 1.4 "RADIUS Configuration".
HWTACACS scheme (hwtacacs-scheme): You can reference a configured
RADIUS scheme to implement AAA services. For the configuration of RADIUS
scheme, refer to section 1.5 "HWTACACS Configuration".
1.3.2 Creating an ISP Domain
Table 1-5 Create an ISP domain
Enter system view
Create an ISP domain and enter
its view, enter the view of an
existing
configure
domain
1.3.3 Configuring the Attributes of an ISP Domain
Table 1-6 Configure the attributes of an ISP domain
Enter system view
Create an ISP domain or
enter the view of an existing
ISP domain
Operation
ISP
domain,
or
the
default
ISP
Operation
Huawei Technologies Proprietary
Chapter 1 AAA & RADIUS & HWTACACS
Command
system-view
domain
{
isp-name
default { disable | enable
isp-name } }
Command
system-view
domain isp-name
1-14
Configuration
Description
—
Required
|
The default ISP
domain
is
"system".
Description
—
Required