Table of Contents
1 AAA Overview
Introduction to AAA
Authentication
Authorization
Accounting
Introduction to ISP Domain
Introduction to AAA Services
Introduction to RADIUS
Introduction to HWTACACS
2 AAA Configuration
AAA Configuration Task List
Configuration introduction
Creating an ISP Domain and Configuring Its Attributes
Configuring an AAA Scheme for an ISP Domain
Configuring Dynamic VLAN Assignment
Configuring the Attributes of a Local User
Cutting Down User Connections Forcibly
RADIUS Configuration Task List
Creating a RADIUS Scheme
Configuring RADIUS Authentication/Authorization Servers
Configuring Ignorance of Assigned RADIUS Authorization Attributes
Configuring the Sending Mode of Accounting Start Requests
Configuring RADIUS Accounting Servers
Configuring Shared Keys for RADIUS Messages
Configuring the Maximum Number of RADIUS Request Transmission Attempts
Configuring the Type of RADIUS Servers to be Supported
Configuring the Status of RADIUS Servers
Configuring the Attributes of Data to be Sent to RADIUS Servers
Configuring the Local RADIUS Authentication Server Function
Configuring Timers for RADIUS Servers
Enabling Sending Trap Message when a RADIUS Server Goes Down
Enabling the User Re-Authentication at Restart Function
HWTACACS Configuration Task List
Creating an HWTACACS Scheme
Configuring TACACS Authentication Servers
Configuring TACACS Authorization Servers
Configuring TACACS Accounting Servers
Configuring Shared Keys for HWTACACS Messages
Configuring the Attributes of Data to be Sent to TACACS Servers
Configuring the Timers Regarding TACACS Servers
Displaying and Maintaining AAA
AAA Configuration Examples