[x]

AAA configuration examples > Local authentication and authorization for Telnet users

 

 Next

Local authentication and authorization for Telnet users

Network requirements

As shown in Figure 12, configure the switch to perform local authentication and authorization for Telnet users.

Figure 12: Network diagram

Configuration procedure

  • Configure the switch:

    • # Assign IP addresses to interfaces. (Details not shown.)

    # Configure the IP address of VLAN-interface 2.

    <Switch> system-view
[Switch] interface vlan-interface 2
[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0
[Switch-Vlan-interface2] quit

    # Enable the Telnet server on the switch.

    [Switch] telnet server enable

    # Configure the switch to use AAA for Telnet users.

    [Switch] user-interface vty 0 15
[Switch-ui-vty0-15] authentication-mode scheme
[Switch-ui-vty0-15] quit

    # Create a local user named hello.

    [Switch] local-user hello
[Switch-luser-hello] service-type telnet
[Switch-luser-hello] password simple hello
[Switch-luser-hello] quit

    # Configure authentication and authorization methods for the ISP domain. 

    [Switch] domain bbb
[Switch-isp-bbb] authentication login local
[Switch-isp-bbb] authorization login local
[Switch-isp-bbb] quit

  • Verify the configuration:

    • Telnet to the switch, and enter the username hello@bbb and the correct password. You pass authentication and log in to the switch. Use the display connection command on the switch to see information about the user connection.

    [Switch] display connection

Index=0   , Username=hello@bbb
 IP=192.168.1.58
 IPv6=N/A
 Total 1 connection(s) matched.

    prev

     

    up

     next

    AAA for Telnet users by an HWTACACS server 

    home

     Authentication/authorization for SSH/Telnet users by a RADIUS server

    © Copyright 2016 Hewlett Packard Enterprise Development LP