R21xx-HP FlexFabric 11900 Security Configuration Guide
17
1.
Configure the required AAA schemes.
{ Local authentication—Configure local users and the related attributes, including the usernames
and passwords, for the users to be authenticated.
{ Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP schemes.
2. Configure AAA methods for the users' ISP domains. Remote AAA methods need to reference the
configured RADIUS, HWTACACS, and LDAP schemes.
Figure 10 AAA configuration procedure
To configure AAA, perform the following tasks:
Tasks at a
g
lance
(Required.) Perform at least one of the following tasks to configure local users or AAA schemes:
• Configuring local users
• Configuring RADIUS schemes
• Configuring HWTACACS schemes
• Configuring LDAP schemes
(Required.) Configure AAA methods for ISP domains:
1. (Required.) Creating an ISP domain
2. (Opti
onal.) Configuring ISP domain attributes
3. (R
equired.) Perform at least one of the following tasks to configure AAA authentication, authorization, and
accounting methods for the ISP domain:
{ Configuring authentication methods for an ISP domain
{ Configuring authorization methods for an ISP domain
{ Configuring accounting methods for an ISP domain
(Optional.) Enabling the session-control feature
(Optional.) Setting the maximum number of concurrent login users
Configure the RADIUS, HWTACACS,
or LDAP schemes to be referenced
none/ local (the default)/ scheme
Authorization method
Accounting method
Configure AAA methods for
different types of users or/and
the default methods for all
types of users
Create an ISP domain
and enter its view
Authentication method
Configure local users and related
attributes
+
+
Local AAA
Remote AAA
No AAA
none/ local (the default)/ scheme
none/ local (the default)/ scheme