Filter
Top Products
Configuring AAA and RADIUS 539
Table 609 Configure FTP User and the Usable Directory
Authorize a User with Usable Service Types
The services, which can be used by a user, are authorized in the local database.
Presently there are five service types, which are listed as follows:
■ exec refers to operations that include logging in to the router and configuring
it via Telnet or other means (such as Console port, AUX port, X25PAD call, etc).
■ exec-administrator: Authorized “administrator” user can use EXEC. EXEC
refers to the operation of logging into the router by means of Telnet or through
console port, AUX port and X.25PAD.
■ exec-guest: Authorized “guest” user can use EXEC.
■ exec-operator: Authorized “operator” user can use EXEC.
■ ftp refers to operations that include logon to the router via file transmission so
as to share corresponding services.
■ ppp refers to remote dial-in service used by the user.
When a single service is authorized to a user, it is only necessary to configure any
one of the parameters of
exec, ftp, and ppp after the service type. When
multiple services are authorized to a user, it is necessary to configure over 2 types
of the above-mentioned parameters, other than to use this command repeatedly,
because the new service type will overwrite the old one, not to pack the service
type.
Table 610 Configure Authorizing a User with Usable Service Types
By default users are authorized to use services of PPP type.
Configure RADIUS
Server
Perform the following configurations in system view.
Configure IP Address, Authentication Port Number and Accounting Port
Number of the Server Host
At most 3 RADIUS servers can be configured for a user.
RADIUS follows the principles below to select authentication and accounting
server:
■ Servers are used in the sequence in which they are configured.
Operation Command
Configure an FTP user and the usable
directory
local-user user [ ftp-directory
directory ] ...
Delete an FTP user and the usable
directory
undo local-user user
Operation Command
Configure authorizing a user with usable
services
local-user user [ service-type {
exec-administrator | exec-guest |
exec-operator | ftp | ppp } ... ] ...
Delete authorizing a user with usable
services
undo local-user user-name