3Com Switch 8800 Configuration Guide
Chapter 40 AAA and RADIUS/ Protocol Con
figuration
40-6
Figure 40-3
Network diagram for using RADIUS to authenticate
40.2 AAA Configuration
The following sections describe AAA configuration tasks.
z
Creating/Deleting an ISP Domain
z
Configuring Relevant Attributes of an ISP Domain
z
Configuring Self-Service Server URL
z
Creating/Deleting a Local User
z
Setting the Attributes of a Local User
z
Disconnecting a User by Force
z
Configuring Dynamic VLAN Delivering
Among the above configuration tasks, creating ISP domain is compulsory, otherwise
the supplicant attributes cannot be distinguished. The other tasks are optional. You can
configure them at requirements.
40.2.1 Creating/Deleting an ISP Domain
What is Internet Service Provider (ISP) domain? To make it simple, ISP domain is a
group of users belonging to the same ISP. Generally, for a username in the
userid@isp-name format, taking [email protected] as an example, the
isp-name (i.e. 3Com163.net) following the @ is the ISP domain name. When a Switch
8800 controls user access, as for an ISP user whose username is in userid@isp-name
format, the system will take userid part as username for identification and take
isp-name part as domain name.
The purpose of introducing ISP domain settings is to support the multi-ISP application
environment. In such environment, one access device might access users of different
ISP. Because the attributes of ISP users, such as username and password formats, etc,
may be different, it is necessary to differentiate them through setting ISP domain. In the
Internet
PC user1
PC user2
PC user3
PC user4
SW5500
SW5500
ISP1
ISP2
Accounting
Server1
8800 Series
8800 Series
Authentication