H3C Technologies H3C S6300 Series Switches User Manual

Page 32

Configure the required AAA schemes.

{

Local authentication—Configure local users and the related attributes, including the usernames
and passwords, for the users to be authenticated.

{

Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP schemes.

Configure AAA methods for the users' ISP domains. To use remote AAA methods, you must specify
the configured RADIUS, HWTACACS, or LDAP schemes.

Figure 9 AAA configuration procedure

To configure AAA, perform the following tasks:

Tasks at a glance

(Required.) Perform at least one of the following tasks to configure local users or AAA schemes:

•

Configuring local users

•

Configuring RADIUS schemes

•

Configuring HWTACACS schemes

•

Configuring LDAP schemes

(Required.) Configure AAA methods for ISP domains:

(Required.)

Creating an ISP domain

(Optional.)

Setting the ISP domain status

(Required.) Perform at least one of the following tasks to configure AAA authentication, authorization, and

accounting methods for the ISP domain:

{

Configuring authentication methods for an ISP domain

{

Configuring authorization methods for an ISP domain

{

Configuring accounting methods for an ISP domain

(Optional.)

Enabling the session-control feature

(Optional.)

Setting the maximum number of concurrent login users

Configure the RADIUS, HWTACACS,

or LDAP schemes to be used

none

local (the default)

scheme

Authorization method

Accounting method

Configure AAA methods for
different types of users or/and
the default methods for all
types of users

Create an ISP domain

and enter ISP domain

view

Authentication method

Configure local users and related

attributes

none

local (the default)

scheme

Local AAA

Remote AAA

No AAA

none

local (the default)

scheme

This manual is related to the following products:

H3C S5820V2 Series Switches H3C S5830 Series Switches H3C S5830V2 Series Switches H3C S3600V2 Series Switches