HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 48
Configuring AAA methods for ISP domains, Configuration prerequisites, Creating an ISP domain
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 48 highlights
Task Display the configuration information or statistics of HWTACACS schemes. Display information about buffered stop-accounting requests for which no responses have been received . Clear HWTACACS statistics . Clear buffered stop-accounting requests that get no responses . Command Remarks display hwtacacs [ hwtacacs-server-name [ statistics ] ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view display stop-accounting-buffer hwtacacs-scheme hwtacacs-scheme-name [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view reset hwtacacs statistics { accounting | all | authentication | authorization } [ slot slot-number ] Available in user view reset stop-accounting-buffer hwtacacs-scheme hwtacacs-scheme-name [ slot slot-number ] Available in user view Configuring AAA methods for ISP domains You configure AAA methods for an ISP domain by referencing configured AAA schemes in ISP domain view. Each ISP domain has a set of default AAA methods, which are local authentication, local authorization, and local accounting by default and can be customized. If you do not configure any AAA methods for an ISP domain, the switch uses the system default AAA methods for authentication, authorization, and accounting of the users in the domain. Configuration prerequisites To use local authentication for users in an ISP domain, configure local user accounts (see "Configuring local user attributes") on the switch. To use remote authentication, authorization, and accounting, create the required RADIUS, and HWTACACS, schemes as described in "Configuring RADIUS schemes," "Configuring HWTACACS schemes". Creating an ISP domain In a networking scenario with multiple ISPs, the switch may connect users of different ISPs, and users of different ISPs may have different user attributes, such as different username and password structures, different service types, and different rights. To distinguish the users of different ISPs, configure ISP domains, and configure different AAA methods and domain attributes for the ISP domains. The switch can accommodate up to 16 ISP domains, including the system predefined ISP domain system. You can specify one of the ISP domains as the default domain. On the switch, each user belongs to an ISP domain. If a user provides no ISP domain name at login, the switch considers the user belongs to the default ISP domain. To create an ISP domain: 38