3Com S7906E Installation Instructions

For a user who has logged in to the device, AAA provides the following services to enhance device security:
Command authorization: Allows the authorization server to check each command executed by the login user. Only authorized commands can be executed.
Command accounting: Allows the accounting server to record all commands executed on the device or all authorized commands successfully executed.
Level switching authentication: Allows the authentication server to authenticate users performing privilege level switching. After passing level switching authentication, users can switch their user privilege levels without logging out or disconnecting their current connections.
You can configure different authentication, authorization, and accounting methods for different users in 
a domain. For configuration details, refer to 
Table 1-4 Configuration references for the related parameters
Access type/service type | Refer to…
LAN (such as 802.1X and MAC address authentication) | 802.1X Configuration and MAC Authentication Configuration in the Security Volume
Login (such as SSH, Telnet, FTP, and terminal) | SSH2.0 Configuration in the Security Volume; FTP and TFTP Configuration in the IP Services Volume
Portal | Portal Configuration in the Security Volume
Command authorization and accounting | Login Configuration in the System Volume
Level switching authentication | Basic System Configuration in the System Volume
Protocols and Standards 
The protocols and standards related to AAA, RADIUS, and HWTACACS include: 
RFC 2865: Remote Authentication Dial In User Service (RADIUS) 
RFC 2866: RADIUS Accounting 
RFC 2867: RADIUS Accounting Modifications for Tunnel Protocol Support 
RFC 2868: RADIUS Attributes for Tunnel Protocol Support 
RFC 2869: RADIUS Extensions 
RFC 1492: An Access Control Protocol, Sometimes Called TACACS 
AAA Configuration Task List 
The basic procedure to configure AAA is as follows:  
1)  Configure the required AAA schemes. 
Local authentication: Configure local users and related attributes, including usernames and 
passwords of the users to be authenticated.  
Remote authentication: Configure the required RADIUS and/or HWTACACS schemes, and configure user attributes on the servers accordingly.
2)  Configure the AAA methods: Reference the configured AAA schemes in the users’ ISP domains.
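
The two steps above, sketched as an added example that is not taken from this manual: a HWTACACS scheme is created and then referenced in an ISP domain for login authentication, command authorization, command accounting and level switching authentication. It assumes Comware V5 command syntax; the scheme name hwtac, the domain name example, the server address 192.0.2.10 and the <shared-key> placeholder are constructed, so check each command against the Command Reference for the software version in use.

```text
# Added example (assumed Comware V5 syntax, constructed names and address).
system-view

# Step 1: configure the AAA scheme (remote, HWTACACS).
hwtacacs scheme hwtac
 primary authentication 192.0.2.10 49
 primary authorization 192.0.2.10 49
 primary accounting 192.0.2.10 49
 key authentication <shared-key>
 key authorization <shared-key>
 key accounting <shared-key>
 user-name-format without-domain
 quit

# Step 2: reference the scheme in the users' ISP domain.
# Users in this domain log in as username@example.
domain example
 # Login users: server first, local users as the backup method.
 authentication login hwtacacs-scheme hwtac local
 authorization login hwtacacs-scheme hwtac local
 accounting login hwtacacs-scheme hwtac local
 # Command authorization: the server checks each command entered.
 authorization command hwtacacs-scheme hwtac
 # Command accounting: the server records the commands.
 accounting command hwtacacs-scheme hwtac
 # Level switching authentication for privilege level changes.
 authentication super hwtacacs-scheme hwtac
 quit

# Turn the services on for the login lines.
user-interface vty 0 4
 authentication-mode scheme
 command authorization
 command accounting
 quit

# Use the domain's scheme for privilege level switching.
super authentication-mode scheme
```

Command authorization here has no backup method, so whether a local fallback should be added for the case where the server is unreachable is a decision to make before deployment.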