H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

521

522

523

524

525

526

527

528

529

530

Operation Manual – AAA & RADIUS & HWTACACS & EAD

H3C S7500 Series Ethernet Switches Table of Contents

Table of Contents

Chapter 1 AAA & RADIUS & HWTACACS Configuration .......................................................... 1-1

1.1 Introduction to AAA, RADIUS and HWTACACS ............................................................... 1-1

1.1.1 Introduction to AAA ................................................................................................. 1-1

1.1.2 Introduction to ISP Domain ..................................................................................... 1-2

1.1.3 Introduction to RADIUS........................................................................................... 1-3

1.1.4 Introduction to HWTACACS.................................................................................... 1-8

1.2 AAA & RADIUS & HWTACACS Configuration Task List................................................. 1-11

1.3 AAA Configuration ........................................................................................................... 1-13

1.3.1 Configuration Prerequisites................................................................................... 1-13

1.3.2 Creating an ISP Domain ....................................................................................... 1-14

1.3.3 Configuring the Attributes of an ISP Domain ........................................................ 1-14

1.3.4 Configuring an AAA Scheme for an ISP Domain.................................................. 1-15

1.3.5 Configuring Dynamic VLAN Assignment .............................................................. 1-17

1.3.6 Configuring the Attributes of a Local User ............................................................ 1-19

1.3.7 Cutting Down User Connections........................................................................... 1-21

1.4 RADIUS Configuration..................................................................................................... 1-21

1.4.1 Creating a RADIUS Scheme................................................................................. 1-22

1.4.2 Configuring RADIUS Authentication/Authorization Servers.................................. 1-23

1.4.3 Configuring RADIUS Accounting Servers............................................................. 1-24

1.4.4 Configuring Shared Keys for RADIUS Packets .................................................... 1-25

1.4.5 Configuring the Maximum Number of Transmission Attempts of RADIUS

Requests........................................................................................................................ 1-26

1.4.6 Configuring the Supported RADIUS Server Type................................................. 1-27

1.4.7 Configuring the Status of RADIUS Servers .......................................................... 1-27

1.4.8 Configuring the Attributes for Data to be Sent to RADIUS Servers...................... 1-28

1.4.9 Configuring a Local RADIUS Authentication Server............................................. 1-29

1.4.10 Configuring the Timers of RADIUS Servers........................................................ 1-30

1.4.11 Configuring the User Re-Authentication upon Device Restart Function............. 1-31

1.5 HWTACACS Configuration.............................................................................................. 1-32

1.5.1 Creating a HWTACACS Scheme.......................................................................... 1-33

1.5.2 Configuring HWTACACS Authentication Servers................................................. 1-33

1.5.3 Configuring HWTACACS Authorization Servers................................................... 1-34

1.5.4 Configuring HWTACACS Accounting Servers...................................................... 1-35

1.5.5 Configuring Shared Keys for HWTACACS Packets ............................................. 1-36

1.5.6 Configuring the Attributes for Data to be Sent to TACACS Servers..................... 1-37

1.5.7 Configuring the Timers of TACACS Servers......................................................... 1-38

1.6 Displaying and Maintaining AAA & RADIUS & HWTACACS Information ....................... 1-38

1.7 AAA & RADIUS & HWTACACS Configuration Example................................................. 1-40