3com S7906E Instruccion De Instalación

 

1-44 

[Switch-isp-bbb] quit 

# Configure the default AAA methods for all types of users. 

[Switch] domain bbb 

[Switch-isp-bbb] authentication default local 

[Switch-isp-bbb] authorization default hwtacacs-scheme hwtac 

[Switch-isp-bbb] accounting default radius-scheme rd 

When telneting into the switch, a user enters username telnet@bbb for authentication using domain 

bbb. 

As shown in

z 

Configure an iMC server to act as the RADIUS server to provide authentication, authorization, and 

accounting services for SSH users. The IP address of the RADIUS server is 10.1.1.1/24.  

z 

Set both the shared keys for authentication and accounting packets exchanged with the RADIUS 

server to expert; and specify that a username sent to the RADIUS server carries the domain name. 

The RADIUS server provides different user services according to the domain names.  

Figure 1-11 Configure AAA for SSH users by a RADIUS server 

Internet

Switch

SSH user

 RADIUS server

10.1.1.1/24

Vlan-int2

192.168.1.70/24

Vlan-int3
10.1.1.2/24

 

 

1)  Configure the RADIUS server. (iMC) 

 

This example assumes that the RADIUS server runs iMC PLAT 3.20-R2602 or iMC UAM 3.60-E6102. 

 

# Add an access device. 

Log into the iMC management platform, select the Service tab, and select Access Service > Access 

Device from the navigation tree to enter the Access Device page. Then, click Add to enter the Add 

Access Device window and perform the following configurations: 

z 

Set both the shared keys for authentication and accounting packets to expert 

z 

Specify the ports for authentication and accounting as 1812 and 1813 respectively