1 aaa configuration, Introduction to aaa, Aaa configuration – H3C Technologies H3C S5120 Series Switches User Manual
Page 407
1-1
1
AAA Configuration
This chapter includes these sections:
z
z
z
z
z
z
z
z
Introduction to AAA
Authentication, Authorization, and Accounting (AAA) provides a uniform framework for configuring
these three security functions to implement network security management.
AAA usually uses a client/server model, where the client runs on the network access server (NAS) and
the server maintains user information centrally. In an AAA network, a NAS is a server for users but a
client for the AAA servers, as shown in
.
Figure 1-1 AAA networking diagram
When a user tries to establish a connection to the NAS and to obtain the rights to access other networks
or some network resources, the NAS authenticates the user or the corresponding connection. The NAS
can transparently pass the user’s AAA information to the server (RADIUS server). The RADIUS
protocol defines how a NAS and a server exchange user information between them.
In the AAA network shown in
, there are two servers. You can determine the authentication,
authorization and accounting methods according to the actual requirements.
The three security functions are described as follows:
z
Authentication: Identifies remote users and judges whether a user is legal.