3com 5500-SI Manual De Usuario

User Re-authentication at Reboot 431

AAA and RADIUS

Protocol Configuration

Example

For the hybrid configuration example of AAA/RADIUS protocol and 802.1x protocol,
refer to “802.1x Configuration Example” on page 403.

Configuring the FTP/Telnet User Authentication at a Remote RADIUS Server

Configuring Telnet user authentication at the remote server is similar to configuring
FTP users. The following description is based on Telnet users.

Networking Requirements

In Figure 110, it is required to configure the remote RADIUS authentication of Telnet
users.

One RADIUS server (as authentication server) is connected to the Switch and the
server IP address is 10.110.91.146. The password for exchanging messages between
the Switch and the authentication server is "expert”. The Switch cuts off the domain
name from username and sends the remaining part to the RADIUS server.

Networking Topology

Figure 110 Configuring the Remote RADIUS Authentication for Telnet Users

Clear stop-accounting packets from the
buffer.

reset stop-accounting-buffer {
radius-scheme

radius_scheme_name

session-id

session_id | time-range

start_time stop_time | user-name

user_name }

Reset the statistics of RADIUS server.

reset radius statistics

Enable RADIUS packet debugging

debugging radius packet

Disable RADIUS packet debugging

undo debugging radius packet

Enable debugging of localRADIUS scheme

debugging local-server { all | error
| event | packet }

Disable debugging of localRADIUS scheme

undo debugging local-server { all |
error | event | packet }

Table 470 Displaying and Debugging AAA and RADIUS Protocol (continued)

Operation

Command

Authentication Servers

( IP address:10.110.91.164 )

Internet

Switch

telnet user

Internet