3Com Switch 8800 Advanced Software V5 Configuration Guide

AAA, RADIUS AND HWTACACS

CONFIGURATION

When configuring AAA, RADIUS and HWTACACS, go to these sections for

information you are interested in:

■ “AAA, RADIUS and HWTACACS Configuration Overview” on page 879

■ “Configuration Task List” on page 888

■ “Configuring AAA” on page 889

■ “Configuring RADIUS” on page 897

■ “Configuring HWTACACS” on page 904

■ “Displaying and Maintaining AAA, RADIUS and HWTACACS” on page 907

■ “AAA, RADIUS and HWTACACS Configuration Examples” on page 909

■ “Troubleshooting AAA, RADIUS, and HWTACACS” on page 914

AAA, RADIUS and

HWTACACS

Configuration

Overview

This section covers these topics:

■ “Introduction to AAA” on page 879

■ “Introduction to ISP Domain” on page 880

■ “Introduction to RADIUS” on page 881

■ “Introduction to HWTACACS” on page 885

Introduction to AAA Authentication, authorization, and accounting (AAA) provides a uniform

framework for configuring these three security functions to implement the

network security management.

The network security mentioned here refers to access control and includes these

problems:

■ Which users can access the network servers?

■ Which services can the authorized users enjoy?

■ How to keep accounts for users using the network resources?

Accordingly, AAA provides the following services:

Authentication

AAA supports the following authentication methods:

■ None authentication: All users are trusted and no authentication is performed.

Generally, this method is not recommended.

■ Local authentication: User information (including username, password, and

attributes) is configured on the device. Local authentication features high