18
AAA CONFIGURATION GUIDE
Configuring RADIUS | Authentication, Authorization and Accounting (AAA) is a uniform framework used |
Authentication for | to configure the three functions for network security management. It can be |
Telnet Users | implemented by multiple protocols. |
| RADIUS configurations are made in RADIUS schemes. When performing RADIUS |
| configurations, you first create a RADIUS scheme and then specify the IP addresses |
| and UDP port numbers of the RADIUS servers for the scheme. These RADIUS |
| servers include the primary and secondary authentication/authorization severs and |
| accounting servers. In addition, you need to configure the shared key and specify |
| the RADIUS server type. |
| In practice, you can configure the above parameters as required. But you should |
| configure at least one authentication/authorization server and one accounting |
| server. If no accounting server is needed, you must configure the accounting |
| optional command. Besides, the RADIUS server port settings on the switch must |
| be consistent with those on the RADIUS servers. |
Network Diagram | Figure 43 Network diagram for configuring RADIUS authentication for Telnet users |
| RADIUS server |
| 10.110.91.164/16 |
Networking and
Configuration
Requirements
Internet
Telnet user
As shown in Figure 43, configure the switch so that Telnet users logging into the switch are authenticated remotely by the RADIUS server.
■A RADIUS authentication server with an IP address of 10.110.91.164 is connected to the switch.
■On the switch, set the shared key for exchanging messages with the authentication RADIUS server to aabbcc.
■A CAMS server is used as the RADIUS server. Select extended as the
■On the RADIUS server, set the shared key for exchanging messages with the switch to aabbcc, configure the authentication port number, and add Telnet
