
HPE FlexNetwork 5130 EI Series Fundamentals Configuration Guide

HPE FlexNetwork 5130 EI Series
183 pages
[Switch-role-role2-ifpolicy] permit interface gigabitethernet 1/0/1 to gigabitethernet 1/0/20
[Switch-role-role2-ifpolicy] quit
[Switch-role-role2] quit
2. Configure the RADIUS server:
# Add either of the user role attributes to the dictionary file of the FreeRADIUS server.
Cisco-AVPair = "shell:roles=\"role2\""
Cisco-AVPair = "shell:roles*\"role2\""
# Configure the settings required for the FreeRADIUS server to communicate with the switch.
(Details not shown.)
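
The role a user receives is decided entirely by this attribute, so it is worth auditing the server side for unexpected role assignments. The following is an added example, not part of the HPE guide: it parses both attribute forms shown above and reports any role outside an allow-list. It assumes the attributes appear as reply items in a FreeRADIUS users-file layout and that several roles may be space-separated; the user names, `SAMPLE_USERS`, and `audit_roles` are constructed for illustration.

```python
import re

# Role list inside a Cisco-AVPair item, in either form shown in the guide:
#   "shell:roles=\"role2\""   or   "shell:roles*\"role2\""
ROLE_ATTR = re.compile(r'Cisco-AVPair\s*[:+]?=\s*"shell:roles[=*]\\"([^"\\]*)\\""')

# Constructed sample (assumed FreeRADIUS users-file layout: entry line at
# column 0, reply items indented). Users and passwords are placeholders;
# network-admin is a predefined role with full access.
SAMPLE_USERS = r'''# constructed sample, not from the guide
user1@abc  Cleartext-Password := "placeholder"
    Cisco-AVPair = "shell:roles=\"role2\""

user2@abc  Cleartext-Password := "placeholder"
    Cisco-AVPair = "shell:roles*\"role2 network-admin\""

user3@abc  Cleartext-Password := "placeholder"
    Cisco-AVPair = "shell:roles=role2"
'''


def audit_roles(users_text, allowed_roles):
    """Return (user, line_no, role) for each role outside allowed_roles.

    A line that mentions shell:roles but does not parse is reported with the
    role "<unparsed>" so a quoting mistake is not silently skipped.
    """
    findings, user = [], None
    for line_no, line in enumerate(users_text.splitlines(), start=1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():  # new entry: first token is the user name
            user = line.split()[0]
        match = ROLE_ATTR.search(line)
        if match:
            # Assumption: several roles may be listed, separated by spaces.
            for role in match.group(1).split():
                if role not in allowed_roles:
                    findings.append((user, line_no, role))
        elif "shell:roles" in line:
            findings.append((user, line_no, "<unparsed>"))
    return findings


if __name__ == "__main__":
    for finding in audit_roles(SAMPLE_USERS, allowed_roles={"role2"}):
        print(finding)
```
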
Verifying the configuration
# Telnet to the switch, and enter the username and password to access the switch. (Details not shown.)
# Verify that you can use all commands available in ISP view.
<Switch> system-view
[Switch] domain abc
[Switch-isp-abc] authentication login radius-scheme abc
[Switch-isp-abc] quit
# Verify that you can use all read and write commands of the radius and arp features. This example uses radius.
[Switch] radius scheme rad
[Switch-radius-rad] primary authentication 2.2.2.2
[Switch-radius-rad] display radius scheme rad
…
Output of the RADIUS scheme is omitted.
# Verify that you cannot configure any VLAN except VLANs 1 to 20. Take VLAN 10 and VLAN 30 as examples.
[Switch] vlan 10
[Switch-vlan10] quit
[Switch] vlan 30
Permission denied.
# Verify that you cannot configure any interface except GigabitEthernet 1/0/1 to GigabitEthernet 1/0/20. Take GigabitEthernet 1/0/2 and GigabitEthernet 1/0/22 as examples.
[Switch] vlan 10
[Switch-vlan10] port gigabitethernet 1/0/2
[Switch-vlan10] port gigabitethernet 1/0/22
Permission denied.
RBAC temporary user role authorization configuration example (HWTACACS authentication)
Network requirements
As shown in Figure 23, the switch uses local authentication for login users, including the Telnet user.
The user account for the Telnet user is test@bbb and is assigned the user role level-0.
Configure the remote-then-local authentication mode for temporary user role authorization. The
switch uses the HWTACACS server to provide authentication for changing the user role among
