No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FAQ-How to Remotely Manage the RADIUS Authentication on the MA5680T for Users

Publication Date:  2012-07-25 Views:  58 Downloads:  0
Issue Description
Q:
How to remotely manage the RADIUS authentication on the MA5680T for users? 
 
Alarm Information
Null
Handling Process
A:
1. Create a RADIUS template, and configure the IP address, port ID, and shared key of the RADIUS server.
radius-server template huawei.com
radius-server shared-key aaa8010
radius-server authentication 172.10.10.21 1645
radius-server authentication 172.10.10.21 1646
2. In the AAA mode, configure the authentication scheme and the accounting scheme.
authentication-scheme huawei
authentication-mode radius
accounting-scheme huawei
accounting-mode radius
3. Create a domain, and specify the authentication mode and the accounting scheme.
domain huawei
authentication-scheme huawei
accounting-scheme huawei
radius-server huawei.com 
 
Root Cause
Null
Suggestions
Pay attention to the following points:
1. A reachable route must exist between the MA5680T and the RADIUS server.
2. In the telnet operation, the user name must include the domain (for example, hw123@huawei) for RADIUS authentication.
3. By default, the user name sent to the RADIUS server includes the domain. You can run the undo radius-server user-name domain-included to disable this function.
4. The user root can still log in to the system. 

END