47
Or
[Switch] domain bbb
[Switch-isp-bbb] authentication default local
[Switch-isp-bbb] authorization default hwtacacs-scheme hwtac
[Switch-isp-bbb] accounting default radius-scheme rd
When telnetting to the switch, a user enters username telnet@bbb for authentication using domain bbb.
Authentication/Authorization for SSH/Telnet users by a
RADIUS server
NOTE:
The configuration of authentication and authorization for SSH users is similar to that for Telnet users.
The following takes SSH users as an example.
Network requirements
As shown in Figure 12, configure an iMC server to act as the RADIUS server to provide authentication
and authorization services for SSH users.
Set both the shared keys for packets exchanged with the RADIUS server to expert, and configure the
switch to include the domain names in usernames to be sent to the RADIUS server.
Add an account on the RADIUS server, with the username hello@bbb. The SSH user uses the username
and the configured password to log in to the switch and is authorized with the privilege level of 3 after
login.
Figure 12 Configure authentication/authorization for SSH users by a RADIUS server
Internet
Switch
SSH user
RADIUS server
10.1.1.1/24
Vlan-int2
192.168.1.70/24
Vlan-int3
10.1.1.2/24
Configuration procedure
1. Configure the RADIUS server (iMC PLAT 5.0)
NOTE:
This example assumes that the RADIUS server runs iMC PLAT 5.0 (E0101) and iMC UAM 5.0 (E0101).
# Add an access device.
Log in to the iMC management platform, select the Service tab, and select User Access Manager > Access
Device from the navigation tree to enter the Access Device page. Then, click Add to enter the Add Access
Device window and perform the following configurations as shown in Figure 13.
ï‚· Set the shared key for authentication and accounting to expert
To Next Page
Loading...
Need help?
General