2 integrating tacacs+ and radius – 3Com 10014303 User Manual

[3Com-serial0] quit

12

Assign an IP address to the interface Ethernet0.

[3Com]interface ethernet 0

[3Com-ethernet0]ip address 10.110.1.10 255.255.0.0

13

Assign an IP address to Ethernet1.

[3Com-ethernet0]interface ethernet 1

[3Com-ethernet0]ip address 192.10.1.1 255.255.255.0

[3Com-ethernet0]return

2.6.2 Integrating TACACS+ and RADIUS

In this example, a TACACS+ server is used for authentication and authorization for

PPP and login users, and is also used as a standby accounting server. A RADIUS

server is used for accounting, and is also used as the standby server for

authentication and authorization.

Router

TACACS+ server

10.110.1.1

RADIUS server

10.110.1.2

ISDN\PSTN

Dial-up user

Terminal user

S0:

168.1.1.1

E1:192.10.1.1

E0:

10.110.1.10

192.10.1.0/24

Accessed network

Router

TACACS+ server

10.110.1.1

RADIUS server

10.110.1.2

ISDN\PSTN

Dial-up user

Terminal user

S0:

168.1.1.1

E1:192.10.1.1

E0:

10.110.1.10

192.10.1.0/24

Accessed network

Figure 2-5 Networking for the application combining TACACS+ and RADIUS

To integrate TACACS+ and RADIUS:

1

Enable AAA.

[3Com]aaa-enable

2

Configure TACACS+.

3

Create a TACACS+ server group and add TACACS+ servers into it.

[3Com] HWTACACS-server template tactemplate1

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 authen-primary

[3Com-HWTACACS-tactemplate1]host ip 10.110.1.1 author-primary

4

Configure “mykey” as the shared key for the AAA negotiation with the

TACACS+ server.

3Com Router Configuration Guide Addendum for V1.20

25