60
DWS-1008 User’s Manual
D-Link Systems, Inc.
Configuring AAA for Administrative and Local Access
The following scenarios illustrate typical configurations for administrative and local
authentication. For all scenarios, the administrator is Natasha with the password
m@Jor
.
Local Authentication
The first time you access a DWS-1008 switch, it requires no authentication. In this scenario,
after the initial configuration of the DWS-1008 switch, Natasha is connected through the
console and has enabled access.
To enable local authentication for a console user, you must configure a local username.
Natasha types the following commands in this order:
DWS-1008#
set user natasha password m@Jor
User natasha created
DWS-1008#
set authentication console * local
success: change accepted.
DWS-1008#
save config
success: configuration saved.
Local Authentication for Console Users and RADIUS Authentication for
Telnet Users
This scenario illustrates how to enable local authentication for console users and RADIUS
authentication for Telnet administrative users. To do so, you configure at least one local
sername for console authentication and set up a RADIUS server for Telnet administrators.
Natasha types the following commands in this order:
DWS-1008#
set user natasha password m@Jor
User natasha created
DWS-1008#
set authentication console * local
success: change accepted.
DWS-1008#
set radius server r1 address 192.168.253.1 key sunFLOW#$
success: change accepted.
Natasha also adds the RADIUS server (
r1
) to the RADIUS server group
sg1
, and configures
Telnet administrative users for authentication through the group. She types the following
commands in this order:
DWS-1008#
set server group sg1 members r1
success: change accepted.
DWS-1008#
set authentication admin * sg1
success: change accepted.