Configuration Example of the RADIUS Authentication and Accounting-HUAWEI

********RADIUS Authentication and Accounting-GPON********

  1. Configure the authentication scheme.Configure authentication scheme named user (users are authenticated through RADIUS).
    OLT(config-aaa)#authentication-scheme user                              
      Info: Create a new authentication scheme
    OLT(config-aaa-authen-newscheme)#authentication-mode radius 
  2. Configure the accounting scheme. Configure accounting scheme named user (users are authenticated through RADIUS). the interval is 10 minutes.
    OLT(config-aaa)#accounting-scheme user                                  
      Info: Create a new accounting scheme
    OLT(config-aaa-accounting-newscheme)#accounting-mode radius
    OLT(config-aaa-accounting-newscheme)#accounting interim interval 10
  3. Configure the RADIUS protocol.Create RADIUS server template named asdf with the RADIUS server as the primary authentication and accounting server, and the RADIUS server as the secondary authentication and accounting server.
    OLT(config)#radius-server template asdf                                   
     Note: Create a new server template
    OLT(config-radius-hwtacacs)#radius-server authentication 1812
    OLT(config-radius-hwtacacs)#radius-server authentication 1812 secondary 
    OLT(config-radius-hwtacacs)#radius-server accounting 1813
    OLT(config-radius-hwtacacs)#radius-server accounting 1813 secondary
  4. Create a domain.Create a domain named isp1.
    OLT(config-aaa)#domain isp1                                                  
      Info: Create a new domain
  5. Use the authentication scheme.You can use an authentication scheme in a domain only after the authentication scheme is created.
    OLT(config-aaa-domain-isp1)#authentication-scheme newscheme
  6. Use the accounting scheme.You can use an accounting scheme in a domain only after the accounting scheme is created.
    OLT(config-aaa-domain-isp1)#accounting-scheme newscheme
  7. Use the RADIUS server template. You can use a RADIUS server template in a domain only after the RADIUS server template is created.
    OLT(config-aaa-domain-isp1)#radius-server radtest
  8. Configure a local AAA user. Create a local user with the user name user1 and the password a123456.
    OLT(config-aaa)#local-user abc@isp1 password a123456


Be the first to comment

Leave a Reply

Your email address will not be published.


For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.