Example for Configuring Authentication for STelnet Login Users (RADIUS Authentication) Highlighted

Created Dec 17, 2016 23:14:04Latest reply Dec 18, 2016 00:01:22 1464 1 0 0

Example for Configuring Authentication for STelnet Login Users (RADIUS Authentication)


Specification

This example applies to all AR models of all versions.


Networking Requirements

Users connect to the Router (AR) through STelnet. During SSH authentication, the Router supports remote RADIUS authentication for SSH users.

When authentication a user, the RADIUS server returns authentication result to the Router. The Router determines whether the user can access the network depending on the authentication result.


Networking Diagram

Figure   Networking diagram of configuring RADIUS authentication for SSH users
10d2162103b14af493f14a012f8840b5

Procedure

  1. Generate a local key pair on Router.

  2. Configure AAA on Router.

  3. Verify the configuration.

    Use the SSH client software to log in to the Router through STelnet from a terminal. The third-party software PuTTY is used as an example here.

    # Use the PuTTY software to log in to the Router, enter the device IP address, and select the SSH protocol type.
    Figure 14-6  Logging in to the SSH server through PuTTY in password authentication mode
    3ca2aa6ca7f64e7eaa93176992b24d36

    # Click Open. On the displayed page, enter the user name admin and password Huawei@1234 and press Enter to log in to the SSH server. (The following information is for reference only.)


Configuration Notes

  • The Router and RADIUS server must use the same authentication port number.
  • The Router and RADIUS server must use the same shared key.
  • If an SSH user uses password authentication, only the SSH server needs to generate the Rivest-Shamir-Adleman (RSA) key pair.
  • There must be a reachable route between the Router and RADIUS server. 

  • x
  • convention:

user_2790689  Expert   Created Dec 18, 2016 00:01:22 Helpful(0) Helpful(0)

thx
  • x
  • convention:

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top