3com 5500 用户手册
174
C
HAPTER
18: AAA C
ONFIGURATION
G
UIDE
Configuration Procedure
# Enter system view.
<3Com> system-view
# Configure the switch to use AAA authentication for Telnet users.
[3Com] user-interface vty 0 4
[3Com-ui-vty0-4] authentication-mode scheme
[3Com-ui-vty0-4] quit
# Configure a local user named telnet.
[3Com] local-user telnet
[3Com-luser-telnet] service-type telnet
[3Com-luser-telnet] password simple aabbcc
[3Com-luser-telnet] attribute idle-cut 300 access-limit 5
[3Com] domain system
[3Com-isp-system] scheme local
Complete Configuration
#
system-view
#
user-interface vty 0 4
authentication-mode scheme
quit
#
local-user telnet
service-type telnet
password simple aabbcc
attribute idle-cut 300 access-limit 5
domain system
scheme local
Precautions
The Telnet user needs to enter the username with the domain name system (that
is, telnet@system), so that the user is authenticated according to the configuration
of the system domain.
is, telnet@system), so that the user is authenticated according to the configuration
of the system domain.
The configurations of local authentication for FTP users are similar to those for
Telnet users.
Telnet users.
Configuring
HWTACACS
Authentication for
Telnet Users
HWTACACS
Authentication for
Telnet Users
3Com Terminal Access Controller Access Control System (HWTACACS) is an
enhanced security protocol based on TACACS (RFC 1492). Similar to the RADIUS
protocol, it adopts the client/server model and implements AAA for multiple types
of users through communicating with TACACS servers.
enhanced security protocol based on TACACS (RFC 1492). Similar to the RADIUS
protocol, it adopts the client/server model and implements AAA for multiple types
of users through communicating with TACACS servers.
Compared with RADIUS, HWTACACS provides more reliable transmission and
encryption, and therefore is more suitable for security control.
encryption, and therefore is more suitable for security control.