3Com Switch 8800 Advanced Software V5 Configuration Guide
912 CHAPTER 70: AAA, RADIUS AND HWTACACS CONFIGURATION
<Sysname> system-view
[Sysname] local-user telnet
[Sysname-luser-telnet] service-type telnet
[Sysname-luser-telnet] password simple aabbccddeeff
[Sysname-luser-telnet] quit
# Configure the AAA schemes the ISP domain as local authentication,
authorization and accounting.
[Sysname] domain system
[Sysname-isp-system] authentication login local
[Sysname-isp-system] authorization login local
[Sysname-isp-system] accounting login local
[Sysname-isp-system] quit
# You can achieve the same purpose by setting the default AAA schemes for all
types of users.
[Sysname] domain system
[Sysname-isp-system] authentication default local
[Sysname-isp-system] authorization default local
[Sysname-isp-system] accounting default local
When a user is telneting into the router, the user can use the user name of userid
@system for local authentication.
2 Solution 2: Use the local RADIUS server
This solution is similar to that given in “AAA for Telnet/SSH Users by a RADIUS
Server” on page 909. But you only need to do the following:
■ Configuring the local user;
■ Configuring the authentication/authorization server, with IP address 127.0.0.1,
shared secret key aabbcc, UDP port for authentication/authorization 1645, and
UDP port for accounting 1646.
■ Configuring the local RADIUS server, with IP address 127.0.0.1, shared secret
key aabbcc.
The detailed configuration is as follows:
# Enable the Telnet server on the device.
<Sysname> system-view
[Sysname] telnet server enable
# Configure the switch to use AAA for Telnet users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] authentication-mode scheme
[Sysname-ui-vty0-4] quit
# Create telnet for the local user.
[Sysname] local-user telnet
[Sysname-luser-telnet] service-type telnet