57
Configuring the device ID
RADIUS uses the value of the Acct-Session-ID attribute as the accounting ID for a user. The device
generates an Acct-Session-ID value for each online user based on the system time, random digits,
and device ID.
To configure the device ID:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure the device ID.
aaa device-id
device-id By default, the device ID is 0.
Displaying and maintaining AAA
Execute display commands in any view.
Task Command
Display the configuration of ISP domains.
display domain
[ isp-name ]
AAA configuration examples
AAA for SSH users by an HWTACACS server
Network requirements
As shown in Figure 12, configure the switch to meet the following requirements:
• Use the HWTACACS server for SSH user authentication, authorization, and accounting.
• Assign the default user role network-operator to SSH users after they pass authentication.
• Exclude domain names from the usernames sent to the HWTACACS server.
• Use expert as the shared keys for secure HWTACACS communication.
Figure 12 Network diagram
Configuration procedure
1. Configure the HWTACACS server:
# Set the shared keys to expert for secure communication with the switch. (Details not shown.)
To Next Page
Loading...
Need help?
General