3Com Switch 4200G Configuration Guide
188 CHAPTER 23: AAA&RADIUS CONFIGURATION
Network diagram
Figure 58 Remote RADIUS authentication of Telnet users
Configuration procedure
1 Enter system view.
<S4200G> system-view
System View: return to User View with Ctrl+Z.
[4200G]
2 Adopt AAA authentication for Telnet users
[4200G] user-interface vty 0 4
[4200G-ui-vty0-4] authentication-mode scheme
3 Configure an ISP domain.
[4200G] domain cams
[4200G-isp-cams] access-limit enable 10
[4200G-isp-cams] quit
4 Configure a RADIUS scheme.
[4200G] radius scheme cams
[4200G-radius-cams] accounting optional
[4200G-radius-cams] primary authentication 10.110.91.164 1812
[4200G-radius-cams] key authentication expert
[4200G-radius-cams] server-type 3Com
[4200G-radius-cams] user-name-format with-domain
[4200G-radius-cams] quit
5 Associate the ISP domain with the RADIUS scheme.
[4200G] domain cams
[4200G-isp-cams] scheme radius-scheme cams
A Telnet user logging into the switch by a name in the format of userid @cams
belongs to the cams domain and will be authenticated according to the configuration
of the cams domain.
Local Authentication
of FTP/Telnet Users
The configuration procedure for the local authentication of FTP users is similar to that
of Telnet users. The following description only takes the local authentication of Telnet
users as example.
Authentication Server
IP address: 10.110.91.164
Internet
Sw itc h
Telnet user
Internet
Authentication Server
IP address: 10.110.91.164
Internet
Sw itc h
Authentication server
IP address: 10.110.91.164
Internet
Sw itc h
Telnet user
Internet
Authentication Server
IP address: 10.110.91.164
Internet
Sw itc h
Authentication Server
IP address: 10.110.91.164
Internet
Sw itc h
Telnet user
Internet
Authentication Server
IP address: 10.110.91.164
Internet
Sw itc h
Authentication server
IP address: 10.110.91.164
Internet
Sw itc h
Telnet user
Internet