Local Authentication Of Ftp/Telnet Users - H3C S7500 Series Operation Manual

Operation Manual – AAA & RADIUS & HWTACACS & EAD
H3C S7500 Series Ethernet Switches
III. Configuration procedure
# Enter system view.
<H3C> system-view
[H3C]
# Adopt AAA authentication for Telnet users.
[H3C] user-interface vty 0 4
[H3C-ui-vty0-4] authentication-mode scheme
# Configure an ISP domain.
[H3C] domain cams
[H3C-isp-cams] access-limit enable 10
[H3C-isp-cams] quit
# Configure a RADIUS scheme.
[H3C] radius scheme cams
[H3C-radius-cams] accounting optional
[H3C-radius-cams] primary authentication 10.110.91.164 1812
[H3C-radius-cams] key authentication expert
[H3C-radius-cams] server-type extended
[H3C-radius-cams] user-name-format with-domain
[H3C-radius-cams] quit
# Associate the ISP domain with the RADIUS scheme.
[H3C] domain cams
[H3C-isp-cams] scheme radius-scheme cams
A Telnet user logging into the switch by a name in the format of userid @cams belongs
to the cams domain and will be authenticated according to the configuration of the
cams domain.

1.7.2 Local Authentication of FTP/Telnet Users

Note:
The configuration procedure for the local authentication of FTP users is similar to that of
Telnet users. The following description only takes the local authentication of Telnet
users as example.
I. Network requirements
In the network environment shown in
that the Telnet users logging into the switch are authenticated locally.
Chapter 1 AAA & RADIUS & HWTACACS
Figure 1-8, the switch needs to be configured so
1-42
Configuration