Figure 2-1Remote RADIUS authentication of Telnet users

Authentication server

10. 110.91. 164

Internet

Telnet user

Configuration procedure

# Enter system view.

<device> system-view

# Adopt AAA authentication for Telnet users.

[device] user-interface vty 0 4

[device-ui-vty0-4] authentication-mode scheme

[device-ui-vty0-4] quit

# Configure an ISP domain.

[device] domain imc

[device-isp-imc] access-limit enable 10

[device-isp-imc] quit

# Configure a RADIUS scheme.

[device] radius scheme imc [device-radius-imc] accounting optional

[device-radius-imc] primary authentication 10.110.91.164 1812

[device-radius-imc] key authentication aabbcc

[device-radius-imc] server-type Extended

[device-radius-imc] user-name-format with-domain

[device-radius-imc] quit

# Associate the ISP domain with the RADIUS scheme.

[device] domain imc

[device-isp-imc] scheme radius-scheme imc

A Telnet user logging into the device by a name in the format of userid @imc belongs to the imc domain and will be authenticated according to the configuration of the imc domain.

2-27

Page 286
Image 286
3Com WX3000 # Adopt AAA authentication for Telnet users, # Configure an ISP domain, # Configure a Radius scheme