Level Switching Authentication For Telnet Users By An Hwtacacs Server - HP A5830 Series Configuration Manual

Start=2011-04-26 19:41:12 ,Current=2011-04-26 19:41:25 ,Online=00h00m14s
Total 1 connection matched.
As the Authorized VLAN field in the output shows, VLAN 4 has been assigned to the user.
Level switching authentication for Telnet users by an
HWTACACS server
Network requirements
As shown in
the privilege level of 0 to the user after the user passes authentication.
Configure the switch to use the HWTACACS server for level switching authentication of the Telnet user
and to use local authentication as the backup method.
Figure 20 Configure level switching authentication for Telnet users by an HWTACACS server
Configuration considerations
Configure the switch to use AAA, particularly, local authentication for Telnet users.
1.
Create ISP domain bbb and configure it to use local authentication for Telnet users.
•
Create a local user account, configure the password, and assign the privilege level for the user to
•
use after login.
On the switch, configure the authentication method for user privilege level switching.
2.
Specify to use HWTACACS authentication. If HWTACACS authentication is not available, use local
•
authentication for user level switching authentication.
Configure HWTACACS scheme hwtac and assign an IP address to the HWTACACS server. Set the
•
shared keys for message exchange, and specify that usernames sent to the HWTACACS server
carry no domain name. Configure the domain to use the HWTACACS scheme hwtac for user
privilege level switching authentication.
Configure the password for local privilege level switching authentication.
•
On the HWTACACS server, add the username and password for user privilege level switching
3.
authentication.
Configuration procedure
Configure the switch.
1.
# Configure the IP address of VLAN-interface 2, through which the Telnet user accesses the switch.
<Switch> system-view
Figure 20, configure the switch to use local authentication for the Telnet user, and assign
56