HP 6125XLG R2306-HP 6125XLG Blade Switch Fundamentals Configuration Guide - Page 62

Network requirements The switch in Figure 17 uses the FreeRADIUS server at 10.1.1.1/24 to provide AAA service for login users, including the Telnet user at 192.168.1.58. This Telnet user uses the username hello@bbb and is assigned the user role role2. This user role has the following permissions: • Performs all the commands in ISP view. • Performs read and write commands of the features arp and radius. • Has no access to read commands of the feature acl. • Configures VLANs 1 to 20 and interfaces Ten-GigabitEthernet 1/1/5 to Ten-GigabitEthernet 1/1/10. The switch and the FreeRADIUS server use the shared key expert and authentication port 1812. The switch delivers usernames with their domain names to the server. Figure 17 Network diagram Configuration procedure Make sure the settings on the switch and the RADIUS server match. 1. Configure the switch: # Assign VLAN-interface 2 an IP address from the same subnet as the Telnet user. system-view [Switch] interface vlan-interface 2 [Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0 [Switch-Vlan-interface2] quit # Assign VLAN-interface 3 an IP address from the same subnet as the RADIUS server. [Switch] interface vlan-interface 3 [Switch-Vlan-interface3] ip address 10.1.1.2 255.255.255.0 [Switch-Vlan-interface3] quit # Enable Telnet server. [Switch] telnet server enable # Enable scheme authentication on the user interfaces for Telnet users. [Switch] user-interface vty 0 15 [Switch-ui-vty0-15] authentication-mode scheme [Switch-ui-vty0-15] quit # Create the RADIUS scheme rad and enter its view. [Switch] radius scheme rad 55