Support User Manuals

3Com 10014299 Network Router User Manual

Open as PDF

of 762

534 CHAPTER 38: CONFIGURING AAA AND RADIUS PROTOCOL

■ Assigning an IP Address for a PPP User

■ Configuring a Local User Database

■ Configure RADIUS Server

Enabling and Disabling

AAA

Please perform the following configurations in the system view.

Table 599 Enable/Disable AAA

By default, AAA is disabled.

Configuring the

Authentication Method

List for Login Users

An authentication method list defines the authentication methods, including the

authentication types, which can be executed, and their execution sequence. This

list is used in sequence to authenticate users.

Login users are divided into FTP users and EXEC users. EXEC means logging on the

router through Telnet or other methods, such as the console port, asynchronous

serial port, telnet, X.25 PAD calling, for router configuration. The two types of

users have to be authorized in a local user database with the command

local-user service-type. If a RADIUS server is used for authentication, the

authorization details for the corresponding user (defining user name and

password) should be set on the RADIUS server, before it is started.

Perform the following configuration in system view.

Table 600 Configure AAA Login Authentication

By default, the login method list is aaa authentication-scheme login default

local

.

If the user does not define the methods-list, the execution sequence of default

method list will be used.

Method here refers to the authentication method. The Authentication method

includes the following:

■ radius --- authentication with the RADIUS server

■ local --- local authentication

■ none --- access authority to all users without authentication

While configuring the authentication method list, at least one authentication

method should be designated. If multiple authentication methods are designated,

then at the time of login authentication, if there is no response to the preceding

Operation Command

Enable AAA aaa-enable

Disable AAA undo aaa-enable

Operation Command

Configure login authentication method list

of AAA

aaa authentication-scheme login {

default | methods-list } [ template

server-template-name ] [ method1 ] [

method2 ]…

Delete login authentication method list of

AAA

undo aaa authentication-scheme login

{ default | methods-list }

previous next