H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

851

852

853

854

855

856

857

858

859

860

Operation Manual – AAA RADIUS HWTACACS

H3C S7500E Series Ethernet Switches

Chapter 1 AAA/RADIUS/HWTACACS

Configuration

1-19

specified accounting server. Accounting is not required, and therefore accounting

scheme configuration is optional. If you do not perform any accounting configuration,

the system-default domain uses the local accounting scheme.

Before configuring an authorization scheme, complete these three tasks:

1) For RADIUS or HWTACACS accounting, configure the RADIUS or HWTACACS

scheme to be referenced first. The local and none authentication modes do not

require any scheme.

2) Determine the access mode or service type to be configured. With AAA, you can

configure an accounting scheme specifically for each access mode and service

type, limiting the accounting protocols that can be used for access.

3) Determine whether to configure an accounting scheme for all access modes or

service types.

Follow these steps to configure an AAA accounting scheme for an ISP domain:

To do… Use the command… Remarks

Enter system view

system-view

—

Create an ISP domain

and enter ISP domain

view

domain isp-name

Required

Enable the accounting

optional feature

accounting optional

Optional

Disabled by default

Specify the default

accounting scheme for all

types of users

accounting default

{ hwtacacs-scheme

hwtacacs-scheme-name

[ local ] | local | none |

radius-scheme

radius-scheme-name

[ local ] }

Optional

Local by default

Specify the accounting

scheme for LAN access

users

accounting lan-access

{ local | none |

radius-scheme

radius-scheme-name

[ local ] }

Optional

The default accounting

scheme is used by

default.

Specify the accounting

scheme for login users

accounting login

{ hwtacacs-scheme

hwtacacs-scheme-name

[ local ] | local | none |

radius-scheme

radius-scheme-name

[ local ] }

Optional

The default accounting

scheme is used by

default.

Specify the accounting

scheme for Portal users

accounting portal

{ none | radius-scheme

radius-scheme-name }

Optional

The default accounting

scheme is used by

default.