3Com Switch 8800 Family Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

241

242

243

244

245

246

247

248

249

250

AAA Configuration 241

Both the radius-scheme and scheme radius-scheme commands can be used to

specify the RADIUS scheme for an ISP domain with the same effect, and the

system adopts the last configuration.

By default, the Local scheme is adopted, an ISP domain is in Active state once it is

created, no limit is set to the amount of supplicants, accounting optional is

disabled, idle-cut is disabled, and no IP address pool is defined.

Configuring Self-Service

Server URL

The self-service-url enable command must be incorporated with a RADIUS

server that supports self-service, such as comprehensive access management

server (CAMS). Self-service means that users can manage their accounts and card

numbers by themselves. And a server with the self-service software is called a

self-service server.

Once this function is enabled on the switch, users can locate the self-service server

through the following operations:

■ Select "Change user password" on the 802.1x client.

■ After the client opens the default explorer (IE or NetScape), locate the specified

URL page used to change the user password on the self-service server.

■ Change user password on this page.

Perform the following configuration in ISP domain view.

Tab le 199 Configure relevant attributes of an ISP domain

Operation Command

Configure the AAA scheme used by an ISP

domain

scheme { radius-scheme

radius-scheme-name [ local ] |

hwtacacs-scheme hwtacacs-scheme-name [

local ] | local | none }

Restore the default AAA scheme used by an

ISP domain

undo scheme { radius-scheme |

hwtacacs-scheme | none }

Configure the RADIUS scheme used by an ISP

domain

radius-scheme radius-scheme-name

Delete the specified RADIUS scheme undo radius scheme radius-server-name

Set the state of ISP domain

state { primary | secondary } { accounting |

authentication } { block | active }

Set a limit to the amount of supplicants

access-limit { disable | enable

max-user-number }

Restore the limit to the default setting undo access-limit

Enable accounting to be optional accounting optional

Disable accounting to be optional undo accounting optional

Set the Idle-cut idle-cut { disable | enable minute flow }

Define an address pool to assign IP addresses

to users

ip pool pool-number low-ip-address [

high-ip-address ]

Delete the specified address pool undo ip pool pool-number