EasyManuals Logo

H3C S3600 Series User Manual

H3C S3600 Series
966 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #493 background imageLoading...
Page #493 background image
Operation Manual – AAA-RADIUS-HWTACACS-EAD
H3C S3600 Series Ethernet Switches-Release 1510
Chapter 1 AAA & RADIUS & HWTACACS
Configuration
1-17
Caution:
z You can execute the scheme radius-scheme radius-scheme-name command to
adopt an already configured RADIUS scheme to implement all the three AAA
functions. If you adopt the local scheme, only the authentication and authorization
functions are implemented, the accounting function cannot be implemented.
z If you execute the scheme radius-scheme radius-scheme-name local command,
the local scheme is used as the secondary scheme in case no RADIUS server is
available. That is, if the communication between the switch and a RADIUS server is
normal, no local authentication is performed; otherwise, local authentication is
performed.
z If you execute the scheme hwtacacs-scheme hwtacacs-scheme-name local
command, the local scheme is used as the secondary scheme in case no TACACS
server is available. That is, if the communication between the switch and a TACACS
server is normal, no local authentication is performed; otherwise, local
authentication is performed.
z If you execute the scheme local or scheme none command to adopt local or none
as the primary scheme, the local authentication is performed or no authentication is
performed. In this case you cannot specify any RADIUS scheme at the same time.
II. Configuring separate AAA schemes
You can use the authentication, authorization, and accounting commands to
specify a scheme for each of the three AAA functions (authentication, authorization and
accounting) respectively. The following gives the implementations of this separate way
for the services supported by AAA.
z For terminal users
Authentication: RADIUS, local, HWTACACS or none.
Authorization: none or HWTACACS.
Accounting: RADIUS, HWTACACS or none.
You can use an arbitrary combination of the above implementations for your AAA
scheme configuration.
z For FTP users
Only authentication is supported for FTP users.
Authentication: RADIUS, local, or RADIUS-local.
Perform the following configuration in ISP domain view.

Table of Contents

Other manuals for H3C S3600 Series

Preview: Command Manual
Command Manual1277 pages
Preview: Installation Manual
Installation Manual98 pages
Preview: Datasheet
Datasheet10 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the H3C S3600 Series and is the answer not in the manual?

H3C S3600 Series Specifications

General IconGeneral
BrandH3C
ModelS3600 Series
CategorySwitch
LanguageEnglish

Related product manuals