Configure the service type for local users

3

If you log in to a switch using Telnet and AAA authentication, run the local-user user-name service-type telnet command to set the service type for the local users to Telnet. By default, no service type is configured for a local user, that is, no service type is allowed.



# Set the service type for local user user1@vipdomain to Telnet.

system-view

[~HUAWEI] aaa

[~HUAWEI-aaa] local-user user1@vipdomain password irreversible-cipher Huawei@2012

[*HUAWEI-aaa] local-user user1@vipdomain service-type telnet

[*HUAWEI-aaa] commit

Other related questions:
How is an AAA local user configured on an AR
When local authentication and authorization are configured, configure authentication and authorization information on the AR, including the user name, password, and priority. The configuration is as follows: 1. Run the aaa command to enter the AAA view. 2. Run the local-user user-name password { cipher | irreversible-cipher } password command create a local account and configure the login password. 3. Run the local-user user-name service-type command to configure the access type for local users. Run the local-user user-name privilege level level command to set the local user level.

How to configure 802.1x authentication on a WLAN device for local users
For the procedure of configuring 802.1x authentication for local users, click Example for Configuring 802.1x Authentication (AAA in RADIUS Mode) (through commands) or Example for Configuring 802.1x Authentication for Local Users (through the web page) in AC6605&AC6005&ACU2(AC&FITAP)Product Documentation. The AC V200R006 is used as an example.

How do I configure the administrator level on an AR
If non-authentication is used, the administrator level is specified by using the user privilege level command in the VTY interface view. If local authentication is used, the administrator level can be configured in the following ways that are in descending order of priority: 1. Running the local-user privilege level command to configure the local user level 2. Running the admin-user privilege level command to configure the administrator level in a domain 3. Running the user privilege level command to configure the user level in the VTY interface view If remote authentication is used, the administrator level can be configured in the following ways that are in descending order of priority: 1. Using the user level sent by an authentication server to the AR after authentication has succeeded 2. Running the admin-user privilege level command to configure the administrator level in a domain 3. Running the user privilege level command to configure user level in the VTY interface view

How to prevent users from logging in to S series switches in any way except Telnet
S series switches (except S1700 switches) support multiple user access types. A user can log in to a switch only when the user access type is the same as the access type configured for the user on the switch. If you want to restrict the user access type to Telnet, run the local-user user-name service-type telnet command in the AAA view to set the access type to Telnet. By default, a local user cannot use any access type.

How to configure the number of concurrent user logins on an AC's built-in Portal server
When local AAA authentication is implemented, the administrator can set the maximum number of connections that a local user can establish. For example, the local user admin1 is created and allowed to log in to the device using Telnet. If the maximum number of connections is set to 1, the local user can establish only one connection with the device after login using Telnet. Enter the AAA view, and set the maximum number of connections that a local user can establish to 1. system-view [AC6605] aaa [AC6605-aaa]local-user admin1 access-limit 1

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top