Operation Manual - Security
Quidway S3000-EI Series Ethernet Switches
Chapter 2 AAA and RADIUS Protocol
Configuration
Huawei Technologies Proprietary
2-18
Perform the following configurations in RADIUS scheme view.
Table 2-23 Setting RADIUS server state
Operation Command
Set the state of primary RADIUS
server
state primary { accounting |
authentication } { block | active }
Set the state of second RADIUS
server
state secondary{ accounting |
authentication } { block | active }
By default, the state of each server in RADIUS scheme is active.
2.3.13 Setting Username Format Transmitted to RADIUS Server
As mentioned above, the supplicants are generally named in -name format.
The part following “@” is the ISP domain name. Quidway Series Switches will put the
u to me
earli
you have to remove the d e s e username to the RADIUS
erver. The following command of switch decides whether the username to be sent to
RADIUS server carries ISP domain name or not.
userid@isp
sers into different ISP domains according the domain names. However, so
er RADIUS servers reject the username incl
omain name befor
uding ISP domain name. In this case,
ending th
s
Perform the following configurations in RADIUS scheme view.
Table 2-24 Setting username format transmitted to RADIUS server
Operation Command
Set Username Format Transmitted to { |
RADIUS Server
user-name-format with-domain
without-domain }
Note:
If a RADIUS scheme is configured not to allow usernames including ISP domain names,
the RADIUS scheme shall not be simultaneously used in more than one ISP domain.
Otherwise, the RADIUS server will regard two users in d
ifferent ISP domains as the
luding their respective
domain names.)
same user by mistake, if they have the same username (exc
B
s name; as for the "s US scheme created by
th s excludes the ISP domain name.
y default, as for the newly created RADIUS sche
ervers includes an ISP domain
me, the username sent to RADIUS
ystem" RADI
e system, the username sent to RADIUS server
To Next Page
Loading...
Need help?
General