Network diagram, Configuration procedure – H3C Technologies H3C S3600 Series Switches User Manual

2-5

Network diagram

Figure 2-1 Network diagram for QoS profile configuration

User

Switch

Network

AAA Server

Eth1/0/1

Configuration procedure

1) Configuration on the AAA server

# Configure the user authentication information and the matching relationship between the user name

and the QoS profile. Refer to the user manual of the AAA server for detailed configuration.

2) Configuration on the switch

# Configure IP addresses for the RADIUS server.

system-view

[Sysname] radius scheme radius1

[Sysname-radius-radius1] primary authentication 10.11.1.1

[Sysname-radius-radius1] primary accounting 10.11.1.2

[Sysname-radius-radius1] secondary authentication 10.11.1.2

[Sysname-radius-radius1] secondary accounting 10.11.1.1

# Set the encryption passwords for the switch to exchange packets with the authentication RADIUS

servers and accounting RADIUS servers.

[Sysname-radius-radius1] key authentication money

[Sysname-radius-radius1] key accounting money

# Configure the switch to delete the user domain name from the user name and then send the user

name to the RADIUS sever.

[Sysname-radius-radius1] user-name-format without-domain

[Sysname-radius-radius1] quit

# Create the user domain test.net and specify radius1 as your RADIUS server group.

[Sysname] domain test.net

[Sysname-isp-test.net] radius-scheme radius1

[Sysname-isp-test.net] quit

# Create ACL 3000 to permit IP packets destined for any IP address.

[Sysname] acl number 3000

[Sysname-acl-adv-3000] rule 1 permit ip destination any

[Sysname-acl-adv-3000] quit