Re: How to configure a local backup authentication ?

Arthis · ‎05-25-2013

Hi,

I'm in the process of migrating some Cisco switches to HP 5500 switches.

I've been asked to configure a Radius authentication via SSH and an authentication fallback (local backup account if the Radius server is unavailable).

The Radius authentication works perfectly (against a FreeRadius server) but I've never been able to authenticate locally with the backup account via ssh.

Do you have any idea on the way to configure that ?

Thanks

Herve

Here's my config:

radius scheme myclient
server-type extended
primary authentication 10.2.100.158 key cipher $c$3$sA35wrbccHrKrIDaqhxi/yE9EX1w6O3eJLF3
primary accounting 10.2.100.158 key cipher $c$3$ir/FVc7+XYviIvwLVMnH4bIwNwiNVq+jrwmf
user-name-format without-domain
#
domain myclient-intra
authentication default radius-scheme myclient
authorization default radius-scheme myclient
accounting default radius-scheme myclient
access-limit disable
state active
idle-cut disable
self-service-url disable

local-user backup
password cipher $c$3$a81Tg/xv7aUqGorNUEIiYYHXxiptuX+ybjZY9w==
authorization-attribute level 3
service-type ssh

user-interface vty 0 15
authentication-mode scheme
protocol inbound ssh

manuel.bitzi · ‎05-26-2013

Dear Arthis

There are two ways:

Login as backup@system to authenticate with the local users.

Or add the local authentication as fallback if the radius is not avaible (depends on the software version):

domain myclient-intra
authentication default radius-scheme myclient local
authorization default radius-scheme myclient local
accounting default radius-scheme myclient local

br

Manuel

H3CSE, MASE Network Infrastructure [2011], Switzerland

Arthis · ‎05-27-2013

Hi Manuel,

Thanks a lot for you answer. It works perfectly.

Herve

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: How to configure a local backup authentication ?

How to configure a local backup authentication ?

Re: How to configure a local backup authentication ?

Re: How to configure a local backup authentication ?