Displaying and maintaining aaa, Aaa configuration examples, Network requirements – H3C Technologies H3C SecBlade LB Cards User Manual

78

Displaying and maintaining AAA

Task Command

Remarks

Display the configuration of
ISP domains.

display domain [ isp-name ] [ | { begin | exclude | include }
regular-expression ]

Available in
any view.

Display information about
user connections.

display connection [ domain isp-name | interface
interface-type interface-number | ip ip-address | mac

mac-address | ucibindex ucib-index | user-name user-name

| vlan vlan-id ] [ | { begin | exclude | include }
regular-expression ]

Available in
any view.

AAA configuration examples

Authentication/authorization for Telnet/SSH users by a
RADIUS server

The configuration of RADIUS authentication and authorization for SSH users is similar to that for Telnet
users. This example describes the configuration for Telnet users.

Network requirements

As shown in

Figure 29

, configure LB to use the RADIUS server for Telnet user authentication and

authorization and add an account with the username hello@bbb on the RADIUS server, so the Telnet user

can log in to LB and is authorized with the privilege level 3 after login.
Set the shared key for secure RADIUS communication to expert, and set the ports for

authentication/authorization and accounting to 1812 and 1813, respectively. Configure LB to include the

domain name in the usernames sent to the RADIUS server.

Figure 29 Network diagram

Configuring the RADIUS server on IMC

The RADIUS server in this example runs on IMC PLAT 5.0 (E0101) and IMC UAM 5.0 (E0101).

1.

Add LB to the IMC Platform as an access device: