3Com 10014303 - page 19

User HWTACACS

Client HWTACACS

Server

User logs i n Authen ticati on Star t Reques t pack et

Authentic a tion resp onse pack et,

requesti ng for the use r name

Reques t User fo r the us er name

User enters the user nam e

Authentic a tion con tinuance p ac ket

carrying the user nam e

Authentic a tion resp onse pack et,

requesti ng for the pass word

Reques t User fo r the p asswor d

User enters the passw ord

Authentic a tion con tinuance p ac ket

carrying th e passw or d

Authen ticati on succ ess pa c ket

Authoriz ation reques t packe t

Authoriz ation succ ess packe t

User is per m itted

Accoun ting st art re qu est pac ket

Accounting start response packet

User quits

Accounting stop packet

Accountin g stop res p onse pack et

User HWTACACS

Client HWTACACS

Server

User logs i n Authen ticati on Star t Reques t pack et

Authentic a tion resp onse pack et,

requesti ng for the use r name

Reques t User fo r the us er name

User enters the user nam e Authentic a tion con tinuance p ac ket

carrying the user nam e

Authentic a tion resp onse pack et,

requesti ng for the pass word

Reques t User fo r the p asswor d

User enters the passw ord A uth enticati on contin ua nce packe t

carrying th e passw or d

Authen ticati on succ ess pa c ket

Authoriz ation reques t packe t

Authoriz ation succ ess packe t

User is per m itted

Accoun ting st art re qu est pac ket

Accounting start response packet

User quits

Accounting stop packet

Accountin g stop res p onse pack et

Figure 2-3 The flow of implementing AAA for a telnet user

2.3 The TACACS+ Functions Implemented by 3Com Routers

3Com Routers support the following TACACS+ functions:

1) AAA on login users (including console, Telnet, dumb terminal, PAD, terminal

accessing, and FTP users)

2) AAA on PPP users

3) AAA on VPDN users (L2TP is used in this case)

2.4 TACACS+ Configuration Tasks

Basic TACACS+ configuration tasks include:

 Create a TACACS+ server group

 Add the TACACS+ server into a TACACS+ server group

High-level TACACS+ configuration tasks include:

3Com Router Configuration Guide Addendum for V1.20