beautypg.com

H3C Technologies H3C S3100 Series Switches User Manual

Page 404

background image

i

Table of Contents

1 AAA Overview ············································································································································1-1

Introduction to AAA ·································································································································1-1

Authentication··································································································································1-1

Authorization····································································································································1-1

Accounting·······································································································································1-2

Introduction to ISP Domain ·············································································································1-2

Introduction to AAA Services ··················································································································1-3

Introduction to RADIUS ···················································································································1-3

Introduction to HWTACACS ············································································································1-7

2 AAA Configuration ····································································································································2-1

AAA Configuration Task List ···················································································································2-1

Configuration introduction ···············································································································2-1

Creating an ISP Domain and Configuring Its Attributes ··································································2-2

Configuring an AAA Scheme for an ISP Domain ············································································2-3

Configuring Dynamic VLAN Assignment·························································································2-8

Configuring the Attributes of a Local User·······················································································2-9

Cutting Down User Connections Forcibly······················································································2-10

RADIUS Configuration Task List···········································································································2-11

Creating a RADIUS Scheme ·········································································································2-12

Configuring RADIUS Authentication/Authorization Servers ··························································2-13

Configuring Ignorance of Assigned RADIUS Authorization Attributes ··········································2-14

Configuring the Sending Mode of Accounting Start Requests ······················································2-15

Configuring RADIUS Accounting Servers ·····················································································2-16

Configuring Shared Keys for RADIUS Messages ·········································································2-17

Configuring the Maximum Number of RADIUS Request Transmission Attempts ············2-18

Configuring the Type of RADIUS Servers to be Supported ··························································2-18

Configuring the Status of RADIUS Servers···················································································2-19

Configuring the Attributes of Data to be Sent to RADIUS Servers ···············································2-20

Configuring the Local RADIUS Authentication Server Function ···················································2-21

Configuring Timers for RADIUS Servers·······················································································2-22

Enabling Sending Trap Message when a RADIUS Server Goes Down ·······································2-23

Enabling the User Re-Authentication at Restart Function·····························································2-23

HWTACACS Configuration Task List····································································································2-25

Creating an HWTACACS Scheme ································································································2-25

Configuring TACACS Authentication Servers ···············································································2-25

Configuring TACACS Authorization Servers ·················································································2-26

Configuring TACACS Accounting Servers ····················································································2-27

Configuring Shared Keys for HWTACACS Messages ··································································2-27

Configuring the Attributes of Data to be Sent to TACACS Servers ··············································2-28

Configuring the Timers Regarding TACACS Servers ···································································2-29

Displaying and Maintaining AAA···········································································································2-29

AAA Configuration Examples················································································································2-31

See also other documents in the category H3C Technologies Routers: