EasyManuals Logo

HP 5120 EI Switch Series User Manual

HP 5120 EI Switch Series
304 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #70 background imageLoading...
Page #70 background image
60
Set the shared keys for authentication and authorization packets exchanged between the NAS and the
RADIUS server to abc. Configure the switch to remove the domain names in usernames before sending
usernames to the RADIUS server.
Figure 22 RADIUS authentication and authorization for Telnet users by a network device
Telnet user
192.168.1.2
Switch A Switch B
NAS RADIUS server
Vlan-int2
10.1.1.1/24
Vlan-int2
10.1.1.2/24
Vlan-int3
192.168.1.1/24
Configuration procedure
# Configure an IP address for each interface as shown in Figure 22. The detailed configuration is omitted
here.
1. Configure the NAS
# Enable the Telnet server on Switch A.
<SwitchA> system-view
[SwitchA] telnet server enable
# Configure Switch A to use AAA for Telnet users.
[SwitchA] user-interface vty 0 4
[SwitchA-ui-vty0-4] authentication-mode scheme
[SwitchA-ui-vty0-4] quit
# Create RADIUS scheme rad.
[SwitchA] radius scheme rad
# Specify the IP address for the primary authentication server as 10.1.1.2, the port for authentication as
1645, and the shared key for authentication packets as abc.
[SwitchA-radius-rad] primary authentication 10.1.1.2 1645 key abc
# Configure the scheme to remove the domain names in usernames before sending usernames to the
RADIUS server.
[SwitchA-radius-rad] user-name-format without-domain
# Specify the source IP address for RADIUS packets as 10.1.1.1.
[SwitchA-radius-rad] nas-ip 10.1.1.1
[SwitchA-radius-rad] quit
# Create ISP domain bbb.
[SwitchA] domain bbb
# Specify the authentication method for Telnet users as rad.
[SwitchA-isp-bbb] authentication login radius-scheme rad
# Specify the authorization method for Telnet users as rad.
[SwitchA-isp-bbb] authorization login radius-scheme rad
# Specify the accounting method for Telnet users as none.
[SwitchA-isp-bbb] accounting login none
# Configure the RADIUS server type as standard. When a network device is configured to serve as a
RADIUS server, the server type must be set to standard.
[SwitchA-isp-bbb] server-type standard
[SwitchA-isp-bbb] quit

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5120 EI Switch Series and is the answer not in the manual?

HP 5120 EI Switch Series Specifications

General IconGeneral
BrandHP
Model5120 EI Switch Series
CategorySwitch
LanguageEnglish

Related product manuals