Operation Manual – AAA
H3C S3100 Series Ethernet Switches Table of Contents
i
Table of Contents
Chapter 1 AAA Overview.............................................................................................................. 1-1
1.1 Introduction to AAA............................................................................................................ 1-1
1.1.1 Authentication..........................................................................................................1-1
1.1.2 Authorization ........................................................................................................... 1-1
1.1.3 Accounting............................................................................................................... 1-2
1.1.4 Introduction to ISP Domain ..................................................................................... 1-2
1.2 Introduction to AAA Services............................................................................................. 1-2
1.2.1 Introduction to RADIUS........................................................................................... 1-2
1.2.2 Introduction to HWTACACS.................................................................................... 1-8
Chapter 2 AAA Configuration ...................................................................................................... 2-1
2.1 AAA Configuration Task List.............................................................................................. 2-1
2.1.1 Configuration introduction ....................................................................................... 2-1
2.1.2 Creating an ISP Domain and Configuring Its Attributes.......................................... 2-2
2.1.3 Configuring an AAA Scheme for an ISP Domain.................................................... 2-4
2.1.4 Configuring Dynamic VLAN Assignment ................................................................ 2-7
2.1.5 Configuring the Attributes of a Local User .............................................................. 2-8
2.1.6 Cutting Down User Connections Forcibly ............................................................. 2-10
2.2 RADIUS Configuration Task List ..................................................................................... 2-11
2.2.1 Creating a RADIUS Scheme................................................................................. 2-13
2.2.2 Configuring RADIUS Authentication/Authorization Servers.................................. 2-13
2.2.3 Configuring RADIUS Accounting Servers............................................................. 2-14
2.2.4 Configuring Shared Keys for RADIUS Messages................................................. 2-16
2.2.5 Configuring the Maximum Number of RADIUS Request Transmission
Attempts........................................................................................................................
2-17
2.2.6 Configuring the Type of RADIUS Servers to be Supported.................................. 2-18
2.2.7 Configuring the Status of RADIUS Servers ..........................................................2-18
2.2.8 Configuring the Attributes of Data to be Sent to RADIUS Servers ....................... 2-19
2.2.9 Configuring the Local RADIUS Authentication Server Function........................... 2-20
2.2.10 Configuring Timers for RADIUS Servers ............................................................2-21
2.2.11 Enabling Sending Trap Message when a RADIUS Server Goes Down............. 2-23
2.2.12 Enabling the User Re-Authentication at Restart Function .................................. 2-23
2.3 HWTACACS Configuration Task List .............................................................................. 2-25
2.3.1 Creating a HWTACACS Scheme.......................................................................... 2-25
2.3.2 Configuring TACACS Authentication Servers....................................................... 2-26
2.3.3 Configuring TACACS Authorization Servers......................................................... 2-26
2.3.4 Configuring TACACS Accounting Servers............................................................ 2-27
2.3.5 Configuring Shared Keys for HWTACACS Messages.......................................... 2-28
To Next Page
Loading...
