Configuration Example of the RADIUS Authentication and Accounting-HUAWEI

********RADIUS Authentication and Accounting-GPON********

  1. Configure the authentication scheme.Configure authentication scheme named user (users are authenticated through RADIUS).
    OLT(config)#aaa
    OLT(config-aaa)#authentication-scheme user                              
      Info: Create a new authentication scheme
    OLT(config-aaa-authen-newscheme)#authentication-mode radius 
    OLT(config-aaa-authen-newscheme)#quit
  2. Configure the accounting scheme. Configure accounting scheme named user (users are authenticated through RADIUS). the interval is 10 minutes.
    OLT(config-aaa)#accounting-scheme user                                  
      Info: Create a new accounting scheme
    OLT(config-aaa-accounting-newscheme)#accounting-mode radius
    OLT(config-aaa-accounting-newscheme)#accounting interim interval 10
    OLT(config-aaa-accounting-newscheme)#quit
    OLT(config-aaa)#quit
  3. Configure the RADIUS protocol.Create RADIUS server template named asdf with the RADIUS server 129.7.66.66 as the primary authentication and accounting server, and the RADIUS server 129.7.66.67 as the secondary authentication and accounting server.
    OLT(config)#radius-server template asdf                                   
     Note: Create a new server template
    OLT(config-radius-hwtacacs)#radius-server authentication 129.7.66.66 1812
    OLT(config-radius-hwtacacs)#radius-server authentication 129.7.66.67 1812 secondary 
    OLT(config-radius-hwtacacs)#radius-server accounting 129.7.66.66 1813
    OLT(config-radius-hwtacacs)#radius-server accounting 129.7.66.67 1813 secondary
    OLT(config-radius-hwtacacs)#quit
  4. Create a domain.Create a domain named isp1.
    OLT(config)#aaa                                                                             
    OLT(config-aaa)#domain isp1                                                  
      Info: Create a new domain
  5. Use the authentication scheme.You can use an authentication scheme in a domain only after the authentication scheme is created.
    OLT(config-aaa-domain-isp1)#authentication-scheme newscheme
  6. Use the accounting scheme.You can use an accounting scheme in a domain only after the accounting scheme is created.
    OLT(config-aaa-domain-isp1)#accounting-scheme newscheme
  7. Use the RADIUS server template. You can use a RADIUS server template in a domain only after the RADIUS server template is created.
    OLT(config-aaa-domain-isp1)#radius-server radtest
    OLT(config-aaa-domain-isp1)#quit 
    
  8. Configure a local AAA user. Create a local user with the user name user1 and the password a123456.
    OLT(config-aaa)#local-user abc@isp1 password a123456

                                                                                                          *******END*******

Be the first to comment

Leave a Reply

Your email address will not be published.


*


For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.