Configuring the secpath, N in, Figure 128 – H3C Technologies H3C SecPath F1000-E User Manual
Page 156
146
Figure 128 Adding a port group
# Select Service Parameters > Validate System Configuration from the navigation tree to validate the
configurations.
Configuring the SecPath
1.
Configure a RADIUS scheme:
# Create RADIUS scheme rs1 and enter its view.
<SecPath> system-view
[SecPath] radius scheme rs1
# Configure the server type for the RADIUS scheme. When using the IMC server, configure the
RADIUS server type as extended.
[SecPath-radius-rs1] server-type extended
# Specify the primary authentication server and primary accounting server, and configure the keys
for communication with the servers.
[SecPath-radius-rs1] primary authentication 192.168.0.112
[SecPath-radius-rs1] primary accounting 192.168.0.112
[SecPath-radius-rs1] key authentication radius
[SecPath-radius-rs1] key accounting radius
# Configure the access device to not carry the ISP domain name in the username sent to the
RADIUS server.
[SecPath-radius-rs1] user-name-format without-domain
[SecPath-radius-rs1] quit
2.
Configure an authentication domain:
# Create ISP domain dm1 and enter its view.
[SecPath] domain dm1
# Configure AAA methods for the ISP domain.
[SecPath-isp-dm1] authentication portal radius-scheme rs1
[SecPath-isp-dm1] authorization portal radius-scheme rs1
[SecPath-isp-dm1] accounting portal radius-scheme rs1
[SecPath-isp-dm1] quit