Verifying the configuration, Network requirements, Configuration procedure – H3C Technologies H3C SecBlade LB Cards User Manual
Page 92
81
# Set the shared key for secure authentication communication to expert.
[LB-radius-rad] key authentication expert
# Specify the service type for the RADIUS server, which must be extended when the server runs on IMC.
[LB-radius-rad] server-type extended
# Include the domain names in usernames sent to the RADIUS server.
[LB-radius-rad] user-name-format with-domain
[LB-radius-rad] quit
# Configure the AAA methods for domain bbb. Because RADIUS authorization information is sent to the
RADIUS client in the authentication response messages, be sure to reference the same scheme for user
authentication and authorization.
[LB] domain bbb
[LB-isp-bbb] authentication login radius-scheme rad
[LB-isp-bbb] authorization login radius-scheme rad
[LB-isp-bbb] quit
Verifying the configuration
After the configuration is complete, the user can Telnet to LB, use the configured account to enter the user
interface of LB, and access all the commands of level 0 to level 3.
# Use the display connection command to view the connection information on LB.
[LB] display connection
Index=1 ,Username=hello@bbb
IP=192.168.1.58
IPv6=N/A
Total 1 connection(s) matched.
Local authentication/authorization for Telnet/FTP users
The configuration of local authentication and authorization for FTP users is similar to that for Telnet users.
This example describes the configuration of Telnet users.
Network requirements
As shown in
, configure LB to perform local authentication and authorization for Telnet users.
Figure 32 Network diagram
Configuration procedure
1.
Configure LB:
# Assign an IP address to interface GigabitEthernet 0/1, the Telnet user access interface.
[LB] interface gigabitethernet 0/1
[LB-GigabitEthernet0/1] ip address 192.168.1.70 255.255.255.0
[LB-GigabitEthernet0/1] quit