How is an AAA local user configured on an AR


When local authentication and authorization are configured, configure authentication and authorization information on the AR, including the user name, password, and priority. The configuration is as follows:
1. Run the aaa command to enter the AAA view.
2. Run the local-user user-name password { cipher | irreversible-cipher } password command create a local account and configure the login password.
3. Run the local-user user-name service-type command to configure the access type for local users.
Run the local-user user-name privilege level level command to set the local user level.

Other related questions:
How is an authentication scheme bound to an AAA domain on an AR
Before configuring an authentication scheme for a domain on an AR, create an authentication scheme and set parameters in the authentication scheme. The configuration is as follows: 1. Create an authentication scheme scheme1 in the AAA view. [Huawei] aaa [Huawei-aaa] authentication-scheme scheme1 [Huawei-aaa-authen-scheme1] quit 2. Create an AAA domain isp1 and bind the authentication scheme scheme1 to the AAA domain. [Huawei-aaa] domain isp1 [Huawei-aaa-domain-isp1] authentication-scheme scheme1 [Huawei-aaa-domain-isp1] quit

How is the authentication mode of VTY users set to AAA on an AR
When Telnet or SSH users log in to the AR through the VTY user interface, set the authentication mode to AAA. The configuration is as follows: [Huawei] user-interface vty 0 4 //Configure the VTY user interface. [Huawei-ui-vty0-4] authentication-mode password //Set the authentication mode to AAA.

How to configure an authorization template for AAA authentication on an AR router
AAA authentication provides security functions such as authenticating, authorizing, and accounting users to prevent unauthorized users from logging in to the device and enhance system security of the device. For details about the AAA configuration procedure, choose Configuration Guide (via Command Line)> Security Configuration> AAA Configuration through the URL: Product documentation."

Local and remote RADIUS or HWTACACS authentication is configured on an S series switch. When the remote authentication server does not respond, local users cannot log in and the message "aaa user cut" is displayed. Why
Users fail to log in because accounting fails. The S series switch is configured with authentication and accounting, but does not support accounting. To solve the problem, run the following command to configure the switch to keep users online after accounting fails. [HUAWEI] aaa [HUAWEI-aaa] accounting-scheme scheme1 [HUAWEI-aaa-accounting-scheme1] accounting start-fail online

Delete local users from S series switches
Run the undo local-user user-name command on an S series switch (except the S1700 switch) to delete a local user. For example, delete the local user user1@vipdomain. [HUAWEI] aaa [HUAWEI-aaa] undo local-user user1@vipdomain Each user has its own user level, and the user can create, delete, or change users whose user level is lower than its. You can run the display local-user command to view the user level.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top