3com 8807 Guia Do Utilizador
AAA and RADIUS/HWTACACS Protocol Configuration Examples
263
Configuring
Authentication at
Remote RADIUS Server
n
Configuring Telnet user authentication at the remote server is similar to
configuring FTP users. The following description is based on Telnet users.
configuring FTP users. The following description is based on Telnet users.
Network Requirements
In the environment as illustrated in the following figure, it is required to achieve
through proper configuration that the RADIUS server authenticates the Telnet
users to be registered.
through proper configuration that the RADIUS server authenticates the Telnet
users to be registered.
One RADIUS server (as authentication server) is connected to the switch and the
server IP address is 10.110.91.146. The password for exchanging messages
between the switch and the authentication server is "expert". The switch cuts off
domain name from username and sends the left part to the RADIUS server.
server IP address is 10.110.91.146. The password for exchanging messages
between the switch and the authentication server is "expert". The switch cuts off
domain name from username and sends the left part to the RADIUS server.
Network Topology
Figure 63 Network diagram for the remote RADIUS authentication of Telnet users
Configuration procedure
# Add a Telnet user.
Omitted
n
For details about configuring FTP and Telnet users, refer to User Interface
Configuration of Getting Started Operation part in Switch 8800 Family Series
Routing Switches Operation Manual.
Configuration of Getting Started Operation part in Switch 8800 Family Series
Routing Switches Operation Manual.
# Configure remote authentication mode for the Telnet user, i.e. Scheme mode.
[3Com-ui-vty0-4] authentication-mode scheme
# Configure RADIUS scheme.
[SW8800] radius scheme cams
[3Com-radius-cams] primary authentication 10.110.91.146 1812
[3Com-radius-cams] key authentication expert
[3Com-radius-cams] server-type 3Com
[3Com-radius-cams] user-name-format without-domain
Authentication Servers
( IP address:10.110.91.164 )
Internet
Switch
telnet user
Internet