Verifying the configuration, Network requirements, Configuration procedure – H3C Technologies H3C S12500-X Series Switches User Manual
Page 62
50
177B
Verifying the configuration
When the user initiates an SSH connection to the switch and enter the username hello@bbb and the
correct password, the user successfully logs in and can use the commands for the network-operator user
role.
25B
Authentication and authorization for SSH users by a
RADIUS server
178B
Network requirements
As shown in
745H
Figure 13
, the RADIUS authentication and authorization server runs on IMC.
Configure the switch to use the RADIUS server for SSH user authentication and authorization and add an
account with the username hello@bbb on the RADIUS server, so that the SSH user can log in to the switch
and is authorized with the network-operator user role after login.
Set the shared keys for secure RADIUS communication to expert, and set the ports for authentication and
accounting to 1812 and 1813, respectively. Configure the switch to include the domain name in the
username sent to the RADIUS server.
Figure 13 Network diagram
179B
Configuration procedure
1.
Configure the RADIUS server on IMC 5.0:
NOTE:
In this example, the RADIUS server runs on IMC PLAT 5.0 (E0101) and IMC UAM 5.0 (E0101).
# Add the switch to the IMC Platform as an access device.
Log in to IMC, click the Service tab, and select User Access Manager > Access Device
Management > Access Device from the navigation tree. Then, click Add to configure an access
device as follows:
a.
Set the shared key for secure RADIUS communication to expert.
b.
Set the ports for authentication and accounting to 1812 and 1813, respectively.