Manualshelf

3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module
901902903904905906907908909910
910 CHAPTER 70: AAA, RADIUS AND HWTACACS CONFIGURATION
configure the username sent to the RADIUS server to contain domain name
information.
Configure the shared key whereby to exchange packets with the switch to
"expert" on the RADIUS server, set the number of the port for authentication
and accounting, and add a Telnet username and login password (the format of
the username is "userid@isp-name").
Network diagram
Figure 262 Configure AAA for Telnet users by a RADIUS server
Configuration procedure
# Enable the Telnet server on the device.
<Sysname> system-view
[Sysname] telnet server enable
# Configure the switch to use AAA for authenticating Telnet users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] authentication-mode scheme
[Sysname-ui-vty0-4] quit
# Create ISP domain.
[Sysname] domain 1
# Configure the accounting to be optional. As a CAMS server does not respond to
any accounting packets, this is required for a CAMS server.
[Sysname-isp-1] accounting optional
[Sysname-isp-1] quit
# Configure the RADIUS scheme.
<Sysname> system-view
[Sysname] radius scheme rad
[Sysname-radius-rad] primary authentication 10.1.1.1 1812
[Sysname-radius-rad] primary accounting 10.1.1.1 1813
[Sysname-radius-rad] key authentication expert
[Sysname-radius-rad] key accounting expert
[Sysname-radius-rad] server-type extended
[Sysname-radius-rad] user-name-format with-domain
[Sysname-radius-rad] quit
Internet
SwitchTelnet user
Authentication/Accounting server
10.1.1.1/24