Configuring the secpath, N in, Figure 128 – H3C Technologies H3C SecPath F1000-E User Manual
Page 156
146
Figure 128 Adding a port group
# Select Service Parameters > Validate System Configuration from the navigation tree to validate the
configurations.
Configuring the SecPath
1.
Configure a RADIUS scheme:
# Create RADIUS scheme rs1 and enter its view.
[SecPath] radius scheme rs1
# Configure the server type for the RADIUS scheme. When using the IMC server, configure the
RADIUS server type as extended.
[SecPath-radius-rs1] server-type extended
# Specify the primary authentication server and primary accounting server, and configure the keys
for communication with the servers.
[SecPath-radius-rs1] primary authentication 192.168.0.112
[SecPath-radius-rs1] primary accounting 192.168.0.112
[SecPath-radius-rs1] key authentication radius
[SecPath-radius-rs1] key accounting radius
# Configure the access device to not carry the ISP domain name in the username sent to the
RADIUS server.
[SecPath-radius-rs1] user-name-format without-domain
[SecPath-radius-rs1] quit
2.
Configure an authentication domain:
# Create ISP domain dm1 and enter its view.
[SecPath] domain dm1
# Configure AAA methods for the ISP domain.
[SecPath-isp-dm1] authentication portal radius-scheme rs1
[SecPath-isp-dm1] authorization portal radius-scheme rs1
[SecPath-isp-dm1] accounting portal radius-scheme rs1
[SecPath-isp-dm1] quit
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS