3Com Switch 7750 Configuration Guide Guide
496 CHAPTER 48: AAA & RADIUS & HWTACACS CONFIGURATION
AAA Configuration The goal of AAA configuration is to protect network devices against unauthorized
access and at the same time provide network access services to authorized users. If
you need to use ISP domains to implement AAA management on access users,
you need to configure the ISP domains.
Configuration
Prerequisites
If you want to adopt remote AAA method, you must create a RADIUS or
HWTACACS scheme.
■ RADIUS scheme (radius-scheme): You can reference a configured RADIUS
scheme to implement AAA services. For the configuration of RADIUS scheme,
refer to
“RADIUS Configuration”.
■ HWTACACS scheme (hwtacacs-scheme): You can reference a configured
RADIUS scheme to implement AAA services. For the configuration of RADIUS
scheme, refer to
“HWTACACS Configuration”.
Creating an ISP Domain
HWTACACS
configuration
Create a HWTACACS scheme Required
“Creating a
HWTACACS Scheme”
Configure HWTACACS
authentication servers
Required
“Configuring
HWTACACS
Authentication
Servers”
Configure HWTACACS
authorization servers
Required
“Configuring
HWTACACS
Authorization
Servers”
Configure HWTACACS
accounting servers
Optional
“Configuring
HWTACACS
Accounting Servers”
Configure shared keys for
RADIUS packets
Optional
“Configuring Shared
Keys for RADIUS
Packets”
Configure the attributes for
data to be sent to TACACS
servers
Optional
“Configuring the
Attributes for Data to
be Sent to TACACS
Servers”
Configure the timers of
TACACS servers
Optional
“Configuring the
Timers of TACACS
Servers”
Table 373 Configuration tasks
Operation Description Related section
Tabl e 374 Create an ISP domain
Operation Command Description
Enter system view system-view -
Create an ISP domain and
enter its view, enter the view
of an existing ISP domain, or
configure the default ISP
domain
domain { isp-name | default {
disable | enable isp-name } }
Required
The default ISP domain is
"system".