The combination of Huawei S2000-HI switch and cisco acs for certification

Source: Internet
Author: User
Tags configuration settings

The combination of Huawei S2000-HI switch and cisco acs for certification
Case: Huawei S2000-HI switch and cisco acs combined certification I. Networking requirements: a company's internal network adopts unified management, send the authentication tasks for accounts and passwords of all devices to the Radius server (ACS ).
There are no special requirements for routing between the ACS Server and the switch.
Www.2cto.com 2. network topology: lab device: www.2cto.com Windows 2003 (as an acs server) Huawei L2 Switch, one client and three. tutorial steps: 1. install the ACS server (Omitted) 2. import the Huawei private Radius attribute in the cisco ACS. compile h3c. INI file (The following is the file content) [User Defined Vendor] Name = login weiietf Code = 2011VSA 29 = hw_Exec_Privilege [primary] Type = INTEGERProfile = IN OUTEnums = hw_Exec_Privilege-Values [hw_Exec_Privilege-Values] 0 = Access1 = Monitor2 = Manager3 = Administrator note: this file is mainly used to define the value of the private property 2. to import the file defined above to ACS, ACS provides Command interface to import private properties. This step mainly imports h3c. ini to ACS through commands. The import process is as follows: (1) Click the windows Start Menu of ACS Server, Enter cmd in the running process, and open a command line window (2) to enter the bin directory of ACS, by default, the directory is c: \ Program Files \ CiscoSecure ACS v4.0 \ bin (3) run the import command: Select y and continue 3. configure the ACS server interface configuration settings: radius (HuaWei) settings interface configuration advanced options all hook network configuration group settings: hook 015, select telnet settings to hook up the last line, select administrator user settings of Huawei: Add User: Name: test password: 1234564. configure radius authentication on a Huawei switch: radius scheme xxxprimary authentication 192.1 Authentication 123456 accounting optionalserver-type standarduser-name-format without-domainquitdomain h3cradius-scheme xxxaccess-limit enable 10 accounting authentication radius-scheme xxxstate activequituser-interface vty 0 has started commands login password simple 4565. client test: test the logon switch on the client: (use Username: test @ h3c password: 123456, and use super 3 to escalate permissions) The experiment is successful.
Source http://xjzhujunjie.blog.51cto.com/3582724/805240

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.