beautypg.com

H3C Technologies H3C S3600 Series Switches User Manual

Page 209

background image

1-19

z

The following configurations involve some AAA/RADIUS configuration commands. For details

about the commands, refer to AAA Operation.

z

Configurations on the user host and the RADIUS server are omitted.

z

Configure RADIUS parameters

# Create a RADIUS scheme named radius1.

system-view

[Switch] radius scheme radius1

# Specify the primary RADIUS authentication server and primary RADIUS accounting server.

[Switch-radius-radius1] primary authentication 192.168.1.3

[Switch-radius-radius1] primary accounting 192.168.1.2

# Specify the secondary RADIUS authentication server and secondary RADIUS accounting server.

[Switch-radius-radius1] secondary authentication 192.168.1.2

[Switch-radius-radius1] secondary accounting 192.168.1.3

# Set the shared key for message exchange between the switch and the RADIUS authentication

servers to name.

[Switch-radius-radius1] key authentication name

# Set the shared key for message exchange between the switch and the accounting RADIUS servers to

name.

[Switch-radius-radius1] key accounting name

# Set the interval and the number of packet transmission attempts for the switch to send packets to the

RADIUS server.

[Switch-radius-radius1] timer 5

[Switch-radius-radius1] retry 5

# Set the timer for the switch to send real-time accounting packets to the RADIUS server to 15 minutes.

[Switch-radius-radius1] timer realtime-accounting 15

# Configure the switch to send a username without the domain name to the RADIUS server.

[Switch-radius-radius1] user-name-format without-domain

[Switch-radius-radius1] quit

# Create a domain named aabbcc.net and enter its view.

[Switch] domain aabbcc.net

# Specify radius1 as the RADIUS scheme of the user domain, and the local authentication scheme as

the backup scheme when the RADIUS server is not available.

[Switch-isp-aabbcc.net] scheme radius-scheme radius1 local

# Set the maximum number of users of the ISP domain to 30.

[Switch-isp-aabbcc.net] access-limit enable 30

# Enable the idle disconnecting function and set the related parameters.

[Switch-isp-aabbcc.net] idle-cut enable 20 2000

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: