Overview, Onfiguring, Dministrative – 3Com WX4400 3CRWX440095A User Manual

3

C

ONFIGURING

AAA

FOR

A

DMINISTRATIVE

AND

L

OCAL

A

CCESS

3Com Mobility System Software (MSS) supports authentication,
authorization, and accounting (AAA) for secure network connections. As
administrator, you must establish administrative access for yourself and
optionally other local users before you can configure the WX for
operation.

Overview

Here is an overview of configuration topics:

1 Console connection. By default, any administrator can connect to the

console port and manage the switch, because no authentication is
enforced. (3Com recommends that you enforce authentication on the
console port after initial connection.)

2 Telnet or SSH connection. Administrators cannot establish a Telnet or

Secure Shell (SSH) connection to the WX by default. To provide Telnet or
SSH access, you must add a username and password entry to the local
database or, optionally, set the authentication method for Telnet users to
a Remote Authentication Dial-In User Service (RADIUS) server.

A CLI Telnet connection to the WX is not secure, unlike SSH, 3WXM and
Web Manager connections. (For details, see Chapter 20, “Managing Keys
and Certificates,” on page 413.)

3 Restricted mode. When you initially connect to the WX, your mode of

operation is restricted. In this mode, only a small subset of status and
monitoring commands is available. Restricted mode is useful for
administrators with basic monitoring privileges who are not allowed to
change the configuration or run traces.

4 Enabled mode. To enter the enabled mode of operation, you type the

enable command at the command prompt. In enabled mode, you can
use all CLI commands. Although MSS does not require an enable
password, 3Com highly recommends that you set one.