3Com 2928 User Guide - Page 386
Introduction to ISP Domain, Configuring AAA, Configuration Prerequisites, Configuration Task List
UPC - 662705557113
View all 3Com 2928 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 386 highlights
configure an authentication server. If network usage information is expected to be recorded, you also need to configure an accounting server. As described above, AAA provides a uniform framework to implement network security management. It is a security mechanism that enables authenticated and authorized entities to access specific resources and records operations of the entities. As the AAA framework allows for excellent scalability and centralized user information management, it has gained wide application. AAA can be implemented through multiple protocols. Currently, the device supports using RADIUS, which is often used in practice. For details about RADIUS, refer to RADIUS Configuration. Introduction to ISP Domain An Internet service provider (ISP) domain represents a group of users. For a username in the userid@isp-name format, the access device considers the userid part the username for authentication and the isp-name part the ISP domain name. In a networking scenario with multiple ISPs, an access device may connect users of different ISPs. As users of different ISPs may have different user attributes (such as username and password structure, service type, and rights), you need to configure ISP domains to distinguish the users. In addition, you need to configure different attribute sets including AAA methods for the ISP domains. For the NAS, each user belongs to an ISP domain. If a user does not provide the ISP domain name, the system considers that the user belongs to the default ISP domain. Configuring AAA Configuration Prerequisites 1) To deploy local authentication, you need to configure local users on the access device. Refer to User Configuration for details. 2) To deploy remote authentication, authorization, or accounting, you need to create the RADIUS schemes to be referenced. For details about RADIUS scheme configuration, refer to RADIUS Configuration. Configuration Task List Perform the tasks in Table 1-1 to configure AAA. 1-2