Configuring the Local AAA

This topic describes how to configure the local AAA so that the user authentication can be performed locally.

Context

 1The local AAA configuration is simple, which does not depend on the external server.

2. The local AAA supports only authentication.

Procedure

 Step 1 Configure the AAA authentication scheme.

  1. Run the aaa command to enter the AAA mode.
  2. Run the authentication-scheme command to add an authentication scheme.
  3. Run the authentication-mode local command to configure the authentication mode of the authentication scheme.
  4. Run the quit command to return to the AAA mode.

Step 2 Create a domain.

  1. In the AAA mode, run the domain command to create a domain.

Step 3 Refer the authentication scheme.

  1. In the domain mode, run the authentication-scheme command to reference the authentication scheme.
  2. Run the quit command to return to the AAA mode.

Step 4 Configure a local user.

In the AAA mode, run the local-user username service-type command to create a local AAA user.

                                                                                           —-End—–

Example:

User1 in the isp domain adopts the local server for authentication. The authentication scheme is

newscheme, the password is a123456, do as follows:

huawei(config)#aaa

huawei(config-aaa)#authentication-scheme newscheme

Info: Create a new authentication scheme

huawei(config-aaa-authen-newscheme)#authentication-mode local

huawei(config-aaa-authen-newscheme)#quit

huawei(config-aaa)#domain isp

Info: Create a new domain

huawei(config-aaa-domain-isp)#authentication-scheme newscheme

huawei(config-aaa-domain-isp)#quit

huawei(config-aaa)#local-user user1@isp service-type terminal password a123456

Be the first to comment

Leave a Reply

Your email address will not be published.


*


For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.