Fips compliance, Aaa configuration considerations and task list – H3C Technologies H3C S12500-X Series Switches User Manual

17

No. Sub-attribute

Description

206 Output-Interval-Gigawords

Amount of bytes output within an accounting interval, in units of 4G
bytes.

207 Backup-NAS-IP

Backup

source IP address for sending RADIUS packets.

255 Product_ID

Product

name.

16B

FIPS compliance

The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features,

commands, and parameters might differ in FIPS mode (see "

685H

Configuring FIPS

") and non-FIPS mode.

17B

AAA configuration considerations and task list

To configure AAA, complete these tasks on the NAS:

1.

Configure the required AAA schemes.

{

Local authentication—Configure local users and the related attributes, including the usernames
and passwords, for the users to be authenticated.

{

Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP schemes.

2.

Configure AAA methods for the users' ISP domains. Remote AAA methods need to reference the
configured RADIUS, HWTACACS, and LDAP schemes.

Figure 10 AAA configuration procedure

To configure AAA, perform the following tasks:

Configure the RADIUS, HWTACACS,

or LDAP schemes to be referenced

none

/

local (the default)

/

scheme

Authorization method

Accounting method

Configure AAA methods for
different types of users or/and
the default methods for all
types of users

Create an ISP domain

and enter its view

Authentication method

Configure local users and related

attributes

+

+

Local AAA

Remote AAA

No AAA

none

/

local (the default)

/

scheme

none

/

local (the default)

/

scheme