No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


FAQ-How to Remotely Manage the RADIUS Authentication on the MA5680T for Users

Publication Date:  2012-07-25 Views:  99 Downloads:  0
Issue Description
How to remotely manage the RADIUS authentication on the MA5680T for users? 
Alarm Information
Handling Process
1. Create a RADIUS template, and configure the IP address, port ID, and shared key of the RADIUS server.
radius-server template
radius-server shared-key aaa8010
radius-server authentication 1645
radius-server authentication 1646
2. In the AAA mode, configure the authentication scheme and the accounting scheme.
authentication-scheme huawei
authentication-mode radius
accounting-scheme huawei
accounting-mode radius
3. Create a domain, and specify the authentication mode and the accounting scheme.
domain huawei
authentication-scheme huawei
accounting-scheme huawei
Root Cause
Pay attention to the following points:
1. A reachable route must exist between the MA5680T and the RADIUS server.
2. In the telnet operation, the user name must include the domain (for example, hw123@huawei) for RADIUS authentication.
3. By default, the user name sent to the RADIUS server includes the domain. You can run the undo radius-server user-name domain-included to disable this function.
4. The user root can still log in to the system.