Configuring aaa login authentication, Aaa configuration tasks, Step 1: define a group of radius servers – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual
Page 1215
AAA Introduction and Configuration
Software Reference for x310 Series Switches
C613-50046-01 REV A
AlliedWare Plus
TM
Operating System - Version 5.4.4C
44.5
Configuring AAA Login Authentication
To configure AAA authentication, create default or a named method list for different
authentication types. In the case of login authentication, the named method lists are then
applied to consoles or VTY lines.
AAA Configuration Tasks
To define how a given accounting or authentication type will be applied to a given port or
line:
■
either create a server group using the
command (RADIUS only),
■
or create a method list for the authentication or accounting type as required,
■
then apply that method list to the port or line as required.
Step 1:
Define a group of RADIUS Servers:
Create a server group using the
command.
To create a RADIUS server group named GROUP1 with hosts 192.168.1.1,
192.168.2.1
and 192.168.3.1, use the commands:
Step 2:
Specify the login authentication or accounting Method List:
Create a method list for the authentication (
) type as required.
To configure a user login authentication method list called USERS to use first all available
RADIUS servers for user login authentication and then the local user database, use the
following commands:
To configure RADIUS accounting for login shell sessions, use the following commands:
awplus(config)#
aaa group server radius GROUP1
awplus(config-sg)#
server 192.168.1.1 auth-port 1812 acct-
port 1813
awplus(config-sg)#
server 192.168.2.1 auth-port 1812 acct-
port 1813
awplus(config-sg)#
server 192.168.3.1 auth-port 1812 acct-
port 1813
awplus#
configure terminal
awplus(config)#
aaa authentication login default group radius
local
awplus#
configure terminal
awplus(config)#
aaa accounting login default start-stop group
radius