H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

561

562

563

564

565

566

567

568

569

570

Operation Manual – AAA & RADIUS & HWTACACS & EAD

H3C S7500 Series Ethernet Switches

Chapter 1 AAA & RADIUS & HWTACACS

Configuration

1-43

II. Network diagram

Internet

Telnet User Switch

Figure 1-8 Local authentication of Telnet user

III. Configuration procedure

Method 1: Use a local authentication scheme.

# Enter system view.

<H3C> system-view

[H3C]

# Adopt AAA authentication for Telnet users.

[H3C] user-interface vty 0 4

[H3C-ui-vty0-4] authentication-mode scheme

[H3C-ui-vty0-4] quit

# Create and configure a local user named telnet.

[H3C] local-user telnet

[H3C-luser-telnet] service-type telnet

[H3C-luser-telnet] password simple secret

[H3C-luser-telnet] attribute idle-cut 300 access-limit 5

[H3C] domain system

[H3C-isp-system] scheme local

A Telnet user logging into the switch with the name telnet@system belongs to the

domain system and will be authenticated according to the configuration of the domain

system.

Method 2: Use a local RADIUS server.

This method is similar to the remote authentication method described in

Remote

RADIUS Authentication of Telnet/SSH Users

. You only need to change the server IP

address, the authentication password, and the UDP port number for authentication

service in configuration step "Configure a RADIUS scheme" in

Remote RADIUS

Authentication of Telnet/SSH Users

to 127.0.0.1, expert, and 1645 respectively, and

configure local users (whether the name of local user carries domain name should be

consistent with the configuration in RADIUS scheme).