Sunday, February 28, 2016

How to Configure the Local AAA on Huawei MA5600T

Context
1 The local AAA configuration is simple, which does not depend on the external server.
2 The local AAA supports only authentication.
Procedure
Step 1 Configure the AAA authentication scheme.
NOTE
A The authentication scheme specifies how all the users in an Internet service provider (ISP) domain are authenticated. The system supports up to 16 authentication schemes.
B The system has a default authentication scheme named default. It can be modified, but cannot be deleted.
1. Run the aaa command to enter the AAA mode.
2. Run the authentication-scheme command to add an authentication scheme.
3. Run the authentication-mode local command to configure the authentication mode of the authentication scheme.
4. Run the quit command to return to the AAA mode.
Step 2 Create a domain.
NOTE
A  A domain is a group of users of the same type.
B In the user name format userid@domain-name (for example, huawei20041028@huawei.net), “userid” indicates the user name for authentication and “domain-name” followed by “@” indicates the domain name.
C  The domain name for user login cannot exceed 15 characters, and the other domain names cannot exceed 20 characters.
1. In the AAA mode, run the domain command to create a domain.
Step 3 Refer the authentication scheme.
NOTE
You can refer an authentication scheme in a domain only after the authentication scheme is created.
1. In the domain mode, run the authentication-scheme command to reference the
authentication scheme.
2. Run the quit command to return to the AAA mode.
Step 4 Configure a local user.
In the AAA mode, run the local-user password command to create a local AAA user.
—-End
Example
User1 in the isp domain adopts the local server for authentication. The authentication scheme is newscheme, the password is a123456, do as follows:
huawei(config)#aaa
huawei(config-aaa)#authentication-scheme newscheme
Info: Create a new authentication scheme
huawei(config-aaa-authen-newscheme)#authentication-mode local
huawei(config-aaa-authen-newscheme)#quit
huawei(config-aaa)#domain isp
Info: Create a new domain
huawei(config-aaa-domain-isp)#authentication-scheme newscheme
huawei(config-aaa-domain-isp)#quit
huawei(config-aaa)#local-user user1@isp password a123456
 The similar product MA5680T,MA5683T, related information please visit:http://www.thunder-link.com/support
More related:

The Issue that the MA5600T H802GPBD Board Resets Repeatedly

Posted by at
Labels: , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)