3com 8807 Guia Do Utilizador

AAA and RADIUS/HWTACACS Protocol Configuration Examples

263

Configuring

Authentication at

Remote RADIUS Server

Configuring Telnet user authentication at the remote server is similar to
configuring FTP users. The following description is based on Telnet users.

Network Requirements

In the environment as illustrated in the following figure, it is required to achieve
through proper configuration that the RADIUS server authenticates the Telnet
users to be registered.

One RADIUS server (as authentication server) is connected to the switch and the
server IP address is 10.110.91.146. The password for exchanging messages
between the switch and the authentication server is "expert". The switch cuts off
domain name from username and sends the left part to the RADIUS server.

Network Topology

Figure 63 Network diagram for the remote RADIUS authentication of Telnet users

Configuration procedure

# Add a Telnet user.

Omitted

For details about configuring FTP and Telnet users, refer to User Interface
Configuration of Getting Started Operation part in Switch 8800 Family Series
Routing Switches Operation Manual.

# Configure remote authentication mode for the Telnet user, i.e. Scheme mode.

[3Com-ui-vty0-4] authentication-mode scheme

# Configure RADIUS scheme.

[SW8800] radius scheme cams

[3Com-radius-cams] primary authentication 10.110.91.146 1812

[3Com-radius-cams] key authentication expert

[3Com-radius-cams] server-type 3Com

[3Com-radius-cams] user-name-format without-domain

Authentication Servers

( IP address:10.110.91.164 )

Internet

Switch

telnet user

Internet