For the detailed configuration method for the IEEE802.1x, see the related chapter in
Configuring 802.1x.
Example of Authentication Configuration
The example below illustrates show to configure the network device to use “Radius + local” for
authentication.
Ruijie(config)# aaa new-model
Ruijie(config)# username Ruijie password starnet
Ruijie(config)# radius-server host 192.168.217.64
Ruijie(config)# aaa authentication login test group radius local
Ruijie(config)# line vty 0
Ruijie(config-line)# login authentication test
Ruijie(config-line)# end
Ruijie# show running-config
!
aaa new-model
!
!
aaa authentication login test group radius local
username Ruijie password 0 starnet
!
radius-server host 192.168.217.64
!
line con 0
line vty 0
login authentication test
line vty 1 4
!
!
In the example above, the access server uses the Radius server (IP 192.168.217.64) to
perform authentication for the login users. If the Radius server has no reply, the local database
will be used for the identity authentication.
Example of Terminal Service Application Configuration
In the environment of the terminal service application, the terminal first connects to the
asynchronous console, then offers the service accessing the network network server. However,
if AAA is enabled, the Login authentication is necessary in all lines. To access the server, the
terminal must pass the Login authentication and it influences the terminal service. You can
separate two lines by configuration that makes the line using the terminal service directly
connecting the server without the Login authentication, and ensures the device security by the
Login authentication of the line connecting the device. That is to say, you can configure a login
authentication list specific for the terminal service but the authentication method as none.
To Next Page
Loading...
