- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- How to use Radius with local backup
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2012 02:04 AM
10-08-2012 02:04 AM
How to use Radius with local backup
Hi,
We have just installed a couple of A5500EI switches and I'm trying to get Radius auth for telnet/ssh working.
As I'm used to procurve switches, I'm not very much in to this comware-stuff (but I'm learning!).
We run Radius on Windows 2008 servers. We've set up the Procurve switches with these settings:
radius-server host 10.yy.yy.yy key mysecret
aaa authentication web login radius local
aaa authentication ssh login radius local
aaa authentication telnet login radius local
aaa authentication web enable radius local
aaa authentication ssh enable radius local
aaa authentication telnet enable radius local
aaa authentication login privilege-mode
We have to ad-groups, network-operators and network-admins. If the user is member of the admin-group they can manage the switch, and operators can only do monitoring/view -stuff.
Can anyone help me "translate" the procurve commands to Comware commands?
What I've done so far is:
super password level 3 cipher xxxxxxxxx
radius scheme system
primary authentication 10.yy.yy.yy
primary accounting 127.0.0.1 1646
key authentication cipher $c$3$nmBMe/uKDpkC4Xtv6LT2J39qVRbwK8nO8RaY53Q=
user-name-format without-domain
local-user admin
password cipher xxxxxxxx
access-limit 3
service-type ssh terminal
service-type portal
user-interface vty 0 15
authentication-mode none
user privilege level 1
If I switch to "authentication-mode scheme" I get a login-prompt when connection, but am unable to log in.
What is important to me, is to have local login as the secondary method if Radius is unavailable. I want radius to be primary, but local login as fallback if radius is offline/unavailable.
So how do I configure the scheme to use local as fallback?
And what do I need to configure on the Radius on the server?
Thanks
K.