3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide

30 CHAPTER 4: AAA AND RADIUS/HWTACACS PROTOCOL CONFIGURATION
Figure 8 The AAA implementation procedures for a telnet user
Configuring AAA
AAA configuration tasks include:
1 Create an ISP domain and set the related attributes
  - Create an ISP domain
  - Configure an AAA scheme
  - Configure the ISP domain state
  - Set an access limit
  - Enable accounting optional
  - Define a local IP pool and allocate IP addresses to PPP users
2 Create a local user and set the related attributes (for local authentication only)
Creating an ISP Domain and Setting the Related Attributes
Creating an ISP domain
An Internet service provider (ISP) domain is a group of users that belong to the
same ISP. For a username in the userid@isp-name format,
gw20010608@3com163.net for example, the isp-name (3com163.net) following
the @ sign is the ISP domain name. When receiving a connection request from a
[Figure 8 labels. Participants: User, HWTACACS Client, HWTACACS Server. Messages in order:]
  User logs in
  Authentication Start Request packet
  Authentication response packet, requesting for the user name
  Request User for the user name
  User enters the user name
  Authentication continuance packet carrying the user name
  Authentication response packet, requesting for the password
  Request User for the password
  User enters the password
  Authentication continuance packet carrying the password
  Authentication success packet
  Authorization request packet
  Authorization success packet
  User is permitted
  Accounting start request packet
  Accounting start response packet
  User quits
  Accounting stop packet
  Accounting stop response packet
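The message order of Figure 8, checked against a recorded session, as an added example (not code from the 3Com guide). The message names come from the figure; the sender labels, the tuple trace format and the name check_session are assumptions made for illustration.

```python
"""Check a recorded AAA session against the message order of Figure 8."""
CLIENT, SERVER = "client", "server"  # sender labels are an assumption

# Message names from Figure 8; senders inferred from request/response naming.
FLOW = [
    (CLIENT, "authentication start request"),
    (SERVER, "authentication response: request user name"),
    (CLIENT, "authentication continuance: user name"),
    (SERVER, "authentication response: request password"),
    (CLIENT, "authentication continuance: password"),
    (SERVER, "authentication success"),
    (CLIENT, "authorization request"),
    (SERVER, "authorization success"),
    (CLIENT, "accounting start request"),
    (SERVER, "accounting start response"),
    (CLIENT, "accounting stop"),
    (SERVER, "accounting stop response"),
]
# Number of matched messages after which each phase is complete.
PHASE_END = {"authentication": 6, "authorization": 8, "accounting": 12}


def check_session(trace):
    """Return (completed phases, first deviation or None) for a trace."""
    matched, deviation = 0, None
    for step, (got, want) in enumerate(zip(trace, FLOW), start=1):
        if got != want:
            deviation = (f"step {step}: expected {want[1]!r} from {want[0]}, "
                         f"got {got[1]!r} from {got[0]}")
            break
        matched += 1
    else:
        if len(trace) > len(FLOW):
            deviation = f"step {len(FLOW) + 1}: unexpected message after the flow ended"
    phases = [name for name, end in PHASE_END.items() if matched >= end]
    return phases, deviation


if __name__ == "__main__":
    # Constructed traces: a complete login, and one where the authorization
    # request appears before the server has reported authentication success.
    complete = list(FLOW)
    skipped = FLOW[:5] + FLOW[6:]
    for name, trace in (("complete", complete), ("skipped", skipped)):
        print(name, check_session(trace))
```

A trace that stops early returns only the phases it finished and no deviation, so a session that was authorized but never produced an accounting start shows up as two completed phases rather than three.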