Verifying the configuration, Configuration guidelines – H3C Technologies H3C WA3600 Series Access Points User Manual
Page 242
229
Figure 225 Configure an accounting method for the ISP domain
10.
Log in to the CLI, enable Telnet service, and configure the AP to use AAA for Telnet users.
[AP] telnet server enable
[AP] user-interface vty 0 4
[AP-ui-vty0-4] authentication-mode scheme
[AP-ui-vty0-4] quit
Verifying the configuration
On the Telnet client, enter the username in the format userid@bbb and the password. You pass
authentication and log in to the AP.
Configuration guidelines
When you configure the HWTACACS client, follow these guidelines:
•
When there are users online, you cannot delete the HWTACACS scheme or change the
HWTACACS server IP address.
•
Except for deleting HWTACACS schemes and changing the IP addresses of the HWTACACS
servers, you can make any changes to HWTACACS parameters, no matter whether there are users
online or not.
•
HWTACACS authentication must work with HWTACACS authorization. If only HWTACACS
authentication is configured but HWTACACS authorization is not, users cannot log in.
•
You can remove an authentication/authorization/accounting server only when no active TCP
connection for sending authentication/authorization/accounting packets is using it.
•
HWTACACS does not support accounting for FTP users.
•
It is a good practice to use the recommended real-time accounting intervals listed in
Table 87 Recommended real-time accounting intervals
Number of users
Real-time accounting interval (in minutes)
1 to 99
3
100 to 499
6