beautypg.com

H3C Technologies H3C S3600 Series Switches User Manual

Page 506

background image

i

Table of Contents

1 AAA Overview ············································································································································1-1

Introduction to AAA ·································································································································1-1

Authentication··································································································································1-1

Authorization····································································································································1-1

Accounting·······································································································································1-2

Introduction to ISP Domain ·············································································································1-2

Introduction to AAA Services ··················································································································1-2

Introduction to RADIUS ···················································································································1-2

Introduction to HWTACACS ············································································································1-6

2 AAA Configuration ····································································································································2-1

AAA Configuration Task List ···················································································································2-1

Creating an ISP Domain and Configuring Its Attributes ··································································2-2

Configuring an AAA Scheme for an ISP Domain ············································································2-3

Configuring Dynamic VLAN Assignment·························································································2-6

Configuring the Attributes of a Local User·······················································································2-8

Cutting Down User Connections Forcibly······················································································2-10

RADIUS Configuration Task List···········································································································2-10

Creating a RADIUS Scheme ·········································································································2-12

Configuring RADIUS Authentication/Authorization Servers ··························································2-12

Configuring Ignorance of Assigned RADIUS Authorization Attributes ··········································2-13

Configuring RADIUS Accounting Servers ·····················································································2-14

Configuring Shared Keys for RADIUS Messages ·········································································2-15

Configuring the Maximum Number of RADIUS Request Transmission Attempts·························2-16

Configuring the Type of RADIUS Servers to be Supported ··························································2-16

Configuring the Status of RADIUS Servers···················································································2-17

Configuring the Attributes of Data to be Sent to RADIUS Servers ···············································2-18

Configuring the Local RADIUS Server ··························································································2-19

Configuring Timers for RADIUS Servers·······················································································2-20

Enabling Sending Trap Message when a RADIUS Server Goes Down ·······································2-21

Enabling the User Re-Authentication at Restart Function·····························································2-21

HWTACACS Configuration Task List····································································································2-23

Creating a HWTACACS Scheme ··································································································2-23

Configuring TACACS Authentication Servers ···············································································2-23

Configuring TACACS Authorization Servers ·················································································2-24

Configuring TACACS Accounting Servers ····················································································2-25

Configuring Shared Keys for HWTACACS Messages ··································································2-25

Configuring the Attributes of Data to be Sent to TACACS Servers ··············································2-26

Configuring the Timers Regarding TACACS Servers ···································································2-27

Displaying and Maintaining AAA Configuration ····················································································2-28

Displaying and Maintaining AAA Configuration·············································································2-28

Displaying and Maintaining RADIUS Protocol Configuration ························································2-28

Displaying and Maintaining HWTACACS Protocol Configuration ·················································2-29

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: