H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

531

532

533

534

535

536

537

538

539

540

Operation Manual – AAA & RADIUS & HWTACACS & EAD

H3C S7500 Series Ethernet Switches

Chapter 1 AAA & RADIUS & HWTACACS

Configuration

1-13

To do... Remarks Related section

Create a

HWTACACS scheme

Required

Creating a

HWTACACS Scheme

Configure

HWTACACS

authentication

servers

Required

Configuring

HWTACACS

Authentication Servers

Configure

HWTACACS

authorization servers

Required

Configuring

HWTACACS

Authorization Servers

Configure

HWTACACS

accounting servers

Optional

Configuring

HWTACACS

Accounting Servers

Configure shared

keys for HWTACACS

packets

Optional

Configuring Shared

Keys for HWTACACS

Packets

Configure the

attributes for data to

be sent to TACACS

servers

Optional

Configuring the

Attributes for Data to be

Sent to TACACS

Servers

HWTACACS

configuration

Configure the timers

of TACACS servers

Optional

Configuring the Timers

of TACACS Servers

1.3 AAA Configuration

The goal of AAA configuration is to protect network devices against unauthorized

access and at the same time provide network access services to authorized users. If

you need to use ISP domains to implement AAA management on access users, you

need to configure the ISP domains.

This section covers these topics:

z Configuration Prerequisites

z Creating an ISP Domain

z Configuring the Attributes of an ISP Domain

z Configuring an AAA Scheme for an ISP Domain

z Configuring Dynamic VLAN Assignment

z Configuring the Attributes of a Local User

z Cutting Down User Connections

1.3.1 Configuration Prerequisites

To implement remote AAA, you need to create a RADIUS or HWTACACS scheme.