Huawei Quidway S3900 Series - Troubleshooting Aaa & Radius & Hwtacacs Configuration; Troubleshooting the Radius Protocol

To Next Page

To Previous Page

Operation Manual – AAA & RADIUS & HWTACACS & EAD

Quidway S3900 Series Ethernet Switches-Release 1510

Chapter 1 AAA & RADIUS & HWTACACS

Configuration

Huawei Technologies Proprietary

1-47

II. Network diagram

Authentication server

( IP address:10.110.91.164 )

Internet

Switch

Telnet user

Internet

Authentication server

( IP address:10.110.91.164 )

Internet

Switch

Authentication server

( IP address:10.110.91.164 )

Internet

Switch

Telnet user

Internet

Figure 1-9 Remote authentication and authorization of Telnet users

III. Configuration procedure

# Add a Telnet user.

Omitted here

# Configure a HWTACACS scheme.

<Quidway> system-view

[Quidway] hwtacacs scheme hwtac

[Quidway-hwtacacs-hwtac] primary authentication 10.110.91.164 49

[Quidway-hwtacacs-hwtac] primary authorization 10.110.91.164 49

[Quidway-hwtacacs-hwtac] key authentication expert

[Quidway-hwtacacs-hwtac] key authorization expert

[Quidway-hwtacacs-hwtac] user-name-format without-domain

[Quidway-hwtacacs-hwtac] quit

# Configure the domain name of the HWTACACS scheme to hwtac.

[Quidway] domain hwtacacs

[Quidway-isp-hwtacacs] scheme hwtacacs-scheme hwtac

1.8 Troubleshooting AAA & RADIUS & HWTACACS

Configuration

1.8.1 Troubleshooting the RADIUS Protocol

The RADIUS protocol is at the application layer in the TCP/IP protocol suite. This

protocol prescribes how the switch and the RADIUS server of the ISP exchange user

information with each other.

Symptom 1: User authentication/authorization always fails.

Main Page

Huawei Quidway S3900 Series - Troubleshooting Aaa & Radius & Hwtacacs Configuration; Troubleshooting the Radius Protocol

Table of Contents

Other manuals for Huawei Quidway S3900 Series

Related product manuals