This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Enterprise
Community Forums Switches
huawei S5720 ssh connecti...

huawei S5720 ssh connection via microsoft nps active directory user

Latest reply: Jun 8, 2018 07:21:28 1793 5 0 0
display all floors #1
Hi,


I want to enable ssh connection via microsoft NPS with my active diectory users.
it works on h3c switch  but ı can not work it on huawei switch ( S5720 )
Maybe problem is NPS site, I investigate on the web vendor-code of  Huawei NPS policy vendor specific site, but I did not find anything. for example; h3c vendor-code:2011


Thanks,


Config is simple, here is  my config:


radius-server template radius
 radius-server shared-key cipher %^%#J>6@!pG!|7}(TDNU+m$9o,4SM"m7rD|&(T/4~r}'%^%#
 radius-server authentication 10.69.100.52 1812 weight 80
 radius-server accounting 10.69.100.52 1813 weight 80
 radius-server timeout 3
 undo radius-server user-name domain-included
 radius-attribute disable Login-Service receive
#
aaa
 authentication-scheme radius
  authentication-mode radius local
  authentication-super none
 authorization-scheme radius
  authorization-mode  none
 accounting-scheme default
 domain default                           
  authentication-scheme radius
  radius-server radius
 domain default_admin
  radius-server radius

user-interface vty 0 4
 authentication-mode aaa
 protocol inbound all



thank you for your help
  • x
  • convention:

Helpful (0) Favorite(0) Share Report
StarOfWest
Created May 29, 2018 07:16:08 Helpful(0) Helpful(0)

Hi,

Vendor code it's correct - 2011.

This is my configuration for SSH connection on CloudEngine switch series. It's working:

radius server group group_radius
radius server shared-key-cipher ....
radius server authentication X.X.X.2 1812

aaa
user-name minimum-length 1
undo local-user policy security-enhance
local-user netadmin password irreversible-cipher ....
local-user netadmin service-type ssh
local-user netadmin level 3
local-user netman password irreversible-cipher.....
local-user netman service-type ssh
local-user netman level 3
#
authentication-scheme default
#
authentication-scheme test_aaa
authentication-mode local radius
#
authorization-scheme default
#
accounting-scheme default
#
domain default
#
domain default_admin
#
domain domain.com
authentication-scheme test_aaa
radius server group group_radius
#
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
#

Also, not that HW-Exec-Privilege needs to be configured, attribute no 26-29.
  • x
  • convention:
“We only get answers to the questions that we ask.” physicist Werner Heisenberg
StarOfWest
Created Jun 6, 2018 06:18:21 Helpful(1) Helpful(1)

Has the problem been solved?
  • x
  • convention:
“We only get answers to the questions that we ask.” physicist Werner Heisenberg
enderkarazeybek
Created Jun 6, 2018 09:29:12 Helpful(0) Helpful(0)

yes, my problem was solved.
thank you for your help.
  • x
  • convention:
StarOfWest
Created Jun 7, 2018 06:19:03 Helpful(0) Helpful(0)

If my answer helped you, please mark it as "Best Answer"
  • x
  • convention:
“We only get answers to the questions that we ask.” physicist Werner Heisenberg
Torrent
Created Jun 8, 2018 07:21:28 Helpful(0) Helpful(0)

huawei S5720 ssh connection via microsoft nps active directory user-2680143-1good
  • x
  • convention:
Back to list

Comment

Reply
Advanced
B Color Image Link Quote Code Smilies
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy Terms of Use
Huawei Enterprise Huawei Carrier Forum Training & Certification

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.

APP