3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
228 CHAPTER 15: AAA/RADIUS/HWTACACS CONFIGURATION COMMANDS
Description
Use the scheme command to configure the AAA scheme to be referenced by the
current ISP domain.
Use the undo scheme command to restore the default AAA scheme.
The default AAA scheme in the system is local.
With this command the current ISP domain can reference a RADIUS/HWTACACS
scheme that has been configured.
When the radius-scheme radius-scheme-name local command or the
hwtacacs-scheme hwtacacs-scheme-name local command is configured, the
local scheme applies as a backup scheme if the RADIUS or TACACS server is not
available. If the RADIUS or TACACS server is available, local authentication is not
used.
If the local scheme applies as the first scheme, only the local authentication is
adopted, and no RADIUS or HWTACACS scheme can be adopted.
If the none scheme applies as the first scheme, no authentication is adopted, and
no RADIUS or HWTACACS scheme can be adopted.
An FTP user login cannot be authenticated in none mode because an FTP server
implemented with Comware does not support anonymous login.
If the scheme none command is used, the priority level of a user logged into the
system is level 0.
Related command: radius scheme and hwtacacs scheme.
Example
# Specify the current ISP domain, 3com163.net, to use the RADIUS scheme 3Com.
[SecBlade_FW-isp-3com163.net] scheme radius 3Com
# Set the authentication scheme referenced by the ISP domain 3Com to
radius-scheme "rd", using the local scheme as the backup.
[SecBlade_FW-isp-3com] scheme radius-scheme rd local
# Set the authentication scheme referenced by the ISP domain 3Com to
hwtacacs-scheme "hwtac", using the local scheme as the backup.
[SecBlade_FW-isp-3com] scheme hwtacacs-scheme hwtac local
service-type Syntax
service-type { telnet | ssh | terminal }* [ level level ]
undo service-type { telnet | ssh | terminal }*
View
Local user view