3com 3031 Instruccion De Instalación
796
C
HAPTER
57: AAA
AND
RADIUS C
ONFIGURATION
Perform the following in the User View.
3 Configuring applied authentication scheme for PPP users.
After configuring authentication scheme for PPP users, you need to import AAA
authentication and accounting scheme for PPP users in the interface view.
authentication and accounting scheme for PPP users in the interface view.
Perform the following configuration in the interface view.
AAA authentication and accounting is often for PPP users, whose IP addresses are
allocated by RADIUS server through negotiation. Therefore, you need to configure
IP address pool at the local device. See the “Link Layer Protocol” sector of this
manual for detailed configuration.
allocated by RADIUS server through negotiation. Therefore, you need to configure
IP address pool at the local device. See the “Link Layer Protocol” sector of this
manual for detailed configuration.
Configuring ISP-based
Authentication/
Accounting Scheme
If authentication and accounting is required for the users belonging to different
ISPs, you can select ISP-based authentication/accounting scheme, which is only
available for broadband users.
ISPs, you can select ISP-based authentication/accounting scheme, which is only
available for broadband users.
Enter ISP domain view and specify a specific AAA policy and RADIUS server for
every ISP.
every ISP.
Entering ISP Domain View
The ISP domain view is used in the broadband access to support multi-ISP. The
AAA policy and RADIUS server can be configured for each ISP in the ISP domain
view.
AAA policy and RADIUS server can be configured for each ISP in the ISP domain
view.
During user access, for the ISP domain user whose name is in the format
“userid@isp-name”, the system will take “userid@isp-name” as the user name for
authentication. Authentication, accounting, traffic limitation, etc. will be
implemented on the user according to configured ISP policy corresponding to the
domain name.
“userid@isp-name”, the system will take “userid@isp-name” as the user name for
authentication. Authentication, accounting, traffic limitation, etc. will be
implemented on the user according to configured ISP policy corresponding to the
domain name.
Table 867 Importing AAA authentication for Telnet/Terminal users
Operation
Command
Import AAA authentication for
Telnet/Terminal users
Telnet/Terminal users
authentication-mode scheme {
scheme-name | default }
Set Telnet/Terminal users to skip AAA
authentication
authentication
authentication-mode none
Table 868 Importing AAA authentication for PPP users
Operation
Command
Import AAA authentication for PPP users on
the interface
the interface
ppp authentication-mode { chap |
pap } [ call-in ] [ scheme {
default | scheme-name } ]
Cancel AAA authentication for PPP users
undo ppp authentication-mode
Import AAA accounting for PPP users on
the interface
the interface
ppp accounting scheme { default |
scheme-name }
Cancel AAA accounting for PPP users
undo ppp accounting