beautypg.com

Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 74

background image

60

Figure 11 Network diagram

Configuration procedure

1.

Configure the AC

# Assign IP addresses to the interfaces. (Details not shown.)
# Enable the Telnet server on the AC.

system-view

[AC] telnet server enable

# Configure the AC to use AAA for Telnet users.

[AC] user-interface vty 0 4

[AC-ui-vty0-4] authentication-mode scheme

[AC-ui-vty0-4] quit

# Specify the system predefined ISP domain system as the default ISP domain.

[AC] domain default enable system

# Create HWTACACS scheme hwtac.

[AC] hwtacacs scheme hwtac

# Specify the primary authorization server and the service port number.

[AC-hwtacacs-hwtac] primary authorization 10.1.1.2 49

# Set the shared key for authorization to expert.

[AC-hwtacacs-hwtac] key authorization expert

# Configure the scheme to remove the domain name from a username before sending the username to
the HWTACACS server.

[AC-hwtacacs-hwtac] user-name-format without-domain

[AC-hwtacacs-hwtac] quit

# Configure a local user with the name telnet and password telnet.

[AC] local-user telnet

[AC-luser-telnet] service-type telnet

[AC-luser-telnet] password simple telnet

# Create an ISP domain and configure authentication and authorization methods for login users, or
configure the default authentication and authorization methods for all types of users.

To configure authentication and authorization methods for login users:

[AC] domain system

[AC-isp-system] authentication login local

[AC-isp-system] authorization login hwtacacs-scheme hwtac

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: