Operation Manual – AAA
H3C S3100 Series Ethernet Switches
Chapter 2 AAA Configuration
2-33
The Telnet user names added to the RADIUS server must be in the format of
userid
@
isp-name
if you have configured the switch to include domain names in the
user names to be sent to the RADIUS server in the RADIUS scheme.
II. Network diagram
Figure 2-1
Remote RADIUS authentication of Telnet users
III. Configuration procedure
# Enter system view.
<Sysname> system-view
# Adopt AAA authentication for Telnet users.
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] authentication-mode scheme
[Sysname-ui-vty0-4] quit
# Configure an ISP domain.
[Sysname] domain cams
[Sysname-isp-cams] access-limit enable 10
[Sysname-isp-cams] quit
# Configure a RADIUS scheme.
[Sysname] radius scheme cams
[Sysname-radius-cams] accounting optional
[Sysname-radius-cams] primary authentication 10.110.91.164 1812
[Sysname-radius-cams] key authentication aabbcc
[Sysname-radius-cams] server-type Extended
[Sysname-radius-cams] user-name-format with-domain
[Sysname-radius-cams] quit
# Associate the ISP domain with the RADIUS scheme.
[Sysname] domain cams
[Sysname-isp-cams] scheme radius-scheme cams