Network requirements, Network diagram, Configuration procedure – H3C Technologies H3C S3100 Series Switches User Manual

2-34

The configuration procedure for local authentication of FTP users is similar to that for Telnet users. The

following text only takes Telnet users as example to describe the configuration procedure for local

authentication.

Network requirements

In the network environment shown in

Figure 2-4

, you are required to configure the switch so that the

Telnet users logging into the switch are authenticated locally.

Network diagram

Figure 2-4 Local authentication of Telnet users

Configuration procedure

Method 1: Using local authentication scheme.

# Enter system view.

<Sysname> system-view

# Adopt AAA authentication for Telnet users.

[Sysname] user-interface vty 0 4

[Sysname-ui-vty0-4] authentication-mode scheme

[Sysname-ui-vty0-4] quit

# Create and configure a local user named "telnet".

[Sysname] local-user telnet

[Sysname-luser-telnet] service-type telnet

[Sysname-luser-telnet] password simple aabbcc

[Sysname-luser-telnet] quit

# Configure an authentication scheme for the default “system” domain.

[Sysname] domain system

[Sysname-isp-system] scheme local

A Telnet user logging into the switch with the name telnet@system belongs to the "system" domain and

will be authenticated according to the configuration of the "system" domain.

Method 2: using local RADIUS server

This method is similar to the remote authentication method described in section

Remote RADIUS

Authentication of Telnet/SSH Users

. However, you need to