HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 72
Configuration procedure, Enable the Telnet server on Switch A.
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 72 highlights
Figure 22 Network diagram Vlan-int3 192.168.1.1/24 NAS Vlan-int2 10.1.1.1/24 RADIUS server Vlan-int2 10.1.1.2/24 Telnet user 192.168.1.2 Switch A Switch B Configuration procedure 1. Assign an IP address to each interface as shown in Figure 22. (Details not shown.) 2. Configure the NAS: # Enable the Telnet server on Switch A. system-view [SwitchA] telnet server enable # Configure Switch A to use AAA for Telnet users. [SwitchA] user-interface vty 0 4 [SwitchA-ui-vty0-4] authentication-mode scheme [SwitchA-ui-vty0-4] quit # Create RADIUS scheme rad. [SwitchA] radius scheme rad # Specify the IP address for the primary authentication server as 10.1.1.2, the port for authentication as 1645, and the shared key for secure authentication communication as abc. [SwitchA-radius-rad] primary authentication 10.1.1.2 1645 key abc # Configure the scheme to remove the domain name from a username before sending the username to the RADIUS server. [SwitchA-radius-rad] user-name-format without-domain # Set the source IP address for RADIUS packets as 10.1.1.1. [SwitchA-radius-rad] nas-ip 10.1.1.1 [SwitchA-radius-rad] quit # Create ISP domain bbb. [SwitchA] domain bbb # Specify the authentication method for Telnet users as rad. [SwitchA-isp-bbb] authentication login radius-scheme rad # Specify the authorization method for Telnet users as rad. [SwitchA-isp-bbb] authorization login radius-scheme rad # Specify the accounting method for Telnet users as none. [SwitchA-isp-bbb] accounting login none # Configure the RADIUS server type as standard. When a switch is configured to serve as a RADIUS server, the server type must be set to standard. [SwitchA-isp-bbb] server-type standard [SwitchA-isp-bbb] quit # Configure bbb as the default ISP domain. Then, if a user enters a username without any ISP domain at login, the authentication and accounting methods of the default domain is used for the user. [SwitchA] domain default enable bbb 3. Configure the RADIUS server: # Create RADIUS user aaa and enter its view. 62