Operation Manual – AAA-RADIUS-HWTACACS-EAD
H3C S3600 Series Ethernet Switches-Release 1510
Chapter 1 AAA & RADIUS & HWTACACS Configuration
[H3C-luser-telnet] quit
[H3C] domain system
[H3C-isp-system] scheme local
A Telnet user logging into the switch with the name telnet@system belongs to the
"system" domain and will be authenticated according to the configuration of the
"system" domain.
Method 2: using local RADIUS server
This method is similar to the remote authentication method described in section 1.7.1.
You only need to change the server IP address, the authentication password, and the
UDP port number of the authentication server to 127.0.0.1, h3c, and 1645 respectively
in the configuration step "Configure a RADIUS scheme" in section 1.7.1, and configure
local users. Whether the names of the local users carry domain names must be
consistent with the configuration in the RADIUS scheme.
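The user-name handling described above (the domain taken from telnet@system, domain stripping before the name is sent to a server, and the consistency requirement for local users) can be checked with a short model. This is an added example, not code from the manual or from the switch software; the function names, the strip_domain flag, and the fallback domain for logins without "@" are assumptions made for illustration.

```python
# Simplified model of the user-name handling in this section (not switch firmware).

def split_login(login, default_domain="system"):
    """Split 'user@domain' into (user, domain).

    Assumption: a login without '@' (or with an empty domain part)
    falls into default_domain.
    """
    user, sep, domain = login.rpartition("@")
    if not sep:
        return login, default_domain
    if not user:
        raise ValueError("empty user name in %r" % login)
    return user, domain or default_domain


def name_sent_to_server(login, strip_domain, default_domain="system"):
    """Return the name a scheme passes to its authentication server.

    strip_domain=True models a scheme configured to strip domain names
    off user names; False models a scheme that keeps them.
    """
    user, domain = split_login(login, default_domain)
    return user if strip_domain else "%s@%s" % (user, domain)


def audit_local_users(local_users, strip_domain):
    """Return local user names that can never match what the scheme sends.

    A scheme that strips domains only ever presents bare names, so a local
    user stored as 'name@domain' is unreachable, and the reverse holds too.
    """
    return [name for name in local_users
            if ("@" in name) == strip_domain]


if __name__ == "__main__":
    # Constructed sample data: two local users, one stored with a domain.
    users = ["telnet", "admin@system"]
    print(split_login("telnet@system"))
    print(name_sent_to_server("telnet@system", strip_domain=True))
    print("unreachable if scheme keeps domains:",
          audit_local_users(users, strip_domain=False))
    print("unreachable if scheme strips domains:",
          audit_local_users(users, strip_domain=True))
```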
1.7.3 HWTACACS Authentication and Authorization of Telnet Users
I. Network requirements
You are required to configure the switch so that the Telnet users logging into the switch
are authenticated and authorized by the TACACS server.
A TACACS server with IP address 10.110.91.164 is connected to the switch. This
server will be used as the authentication and authorization server. On the switch, set
both authentication and authorization shared keys that are used to exchange
messages with the TACACS server to "expert". Configure the switch to strip domain
names off user names before sending user names to the TACACS server.
Configure the shared key to "expert" on the TACACS server for exchanging messages
with the switch.
II. Network diagram
[Diagram labels: Telnet user, Internet, Switch, Authentication server (IP address: 10.110.91.164)]
Figure 1-9 Remote HWTACACS authentication and authorization of Telnet users