EasyManua.ls Logo

Ruijie RG-S2900G-E Series - Page 478

Ruijie RG-S2900G-E Series
943 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuration Guide AAA Configuration
Note
1. To select the AAA service method list in the domain configuration mode, the
AAA service method list is defined before entering the domain configuration
mode. Or the configurations are inexistent when selecting the AAA method
list-name.
2. With the domain-name-based AAA service enabled, if there is no domain
information carried by the username, use the default domain; if there is no
configurations for the user domain in the system, the user is determined to be
illegal and provides no AAA service.
3. In the domain configuration mode, without the method list configured, use the
default method list in the system.
Showing the domain configuration
Use the following commands to show the domain-name-based AAA service information.
Command
Function
show aaa domain [domain-name]
Show the current domain-name-based AAA service
information
Domain-name-based AAA Service Configuration Notes
The followings are the domain-name-based AAA service configuration notes:
1. With the domain-name-based AAA service enabled, use the method list in the domain.
Without the service enabled, use the method list selected according to the access
protocol(such as 802.1x, ect) for the AAA service. For example, without the service enabled,
use the dot1x authentication authen-list-name, dot1x accounting acct-list-name
authen-list-name and dot1x accounting acct-list-name acct-list-name command to provide
the AAA service for the authentication and accouting method list name.
2. With the domain-name-based AAA service enabled, by default, there is no default domain,
and you shall manually set the default domain-name as default. After the configuration, user
that not carries with the domain information provides the AAA service using the default domain.
Without the default domain configured, the user that not carries with the domain information
fails to use the AAA service.
3. If the domain information is carried by the auth-user but the domain is not configured on the
device, it fails to provide the AAA service for the user.
4. The AAA service method list selected by the domain must be consistent with the one
defined by the AAA service. Or it fails to provide the AAA service for the users in the domain.
5. The domain name carried by the user shall be accurately matched with the one configured
on the device. For example, the domain.com and the domain.com.cn have been configured on

Table of Contents

Related product manuals