Manualshelf

H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
851852853854855856857858859860
Operation Manual – AAA RADIUS HWTACACS
H3C S7500E Series Ethernet Switches
Chapter 1 AAA/RADIUS/HWTACACS
Configuration
1-11
4) Upon receiving the request, the HWTACACS client asks the user for the
username.
5) The user enters the username.
6) After receiving the username from the user, the HWTACACS client sends to the
server a continue-authentication packet carrying the username.
7) The HWTACACS server sends back an authentication response, requesting the
login password.
8) Upon receipt of the response, the HWTACACS client requests of the user the login
password.
9) The user enters the password.
10) After receiving the login password, the HWTACACS client sends to the
HWTACACS server a continue-authentication packet carrying the login password.
11) The HWTACACS server sends back an authentication response indicating that
the user has passed authentication.
12) The HWTACACS client sends the user authorization request packet to the
HWTACACS server.
13) The HWTACACS server sends back the authorization response, indicating that
the user is authorized now.
14) Knowing that the user is now authorized, the HWTACACS client pushes the
configuration interface of the NAS to the user.
15) The HWTACACS client sends a start-accounting request to the HWTACACS
server.
16) The HWTACACS server sends back an accounting response, indicating that it has
received the start-accounting request.
17) The user logs off.
18) The HWTACACS client sends a stop-accounting request to the HWTACACS
server.
19) The HWTACACS server sends back a stop-accounting packet, indicating that the
stop-accounting request has been received.
1.1.4 Protocols and Standards
The protocols and standards related to AAA, RADIUS, and HWTACACS include:
z RFC 2865: Remote Authentication Dial In User Service (RADIUS)
z RFC 2866: RADIUS Accounting
z RFC 2867: RADIUS Accounting Modifications for Tunnel Protocol Support
z RFC 2868: RADIUS Attributes for Tunnel Protocol Support
z RFC 2869: RADIUS Extensions
z RFC 1492: An Access Control Protocol, Sometimes Called TACACS