The MA5600 is interconnected with the
RADIUS server through the RADIUS protocol to implement authentication.
Configure the authentication scheme.
Configure authentication scheme newscheme
(users are authenticated through RADIUS).
huawei(config)#aaa
huawei(config-aaa)#authentication-scheme
newscheme
huawei(config-aaa-authen-newscheme)#authentication-mode
radius
huawei(config-aaa-authen-newscheme)#quit
huawei(config-aaa)#quit
Configure the RADIUS protocol.
Create RADIUS server template template1.
RADIUS server 10.10.66.66 functions as the primary authentication server, and
RADIUS server 10.10.66.67 functions as the secondary authentication.
huawei(config)#radius-server template
template1
Note: Create a new server template
huawei(config-radius-template1)#radius-server
authentication 10.10.66.66 1812
huawei(config-radius-template1)#radius-server
authentication 10.10.66.67 1812 secondary
huawei(config-radius-template1)#quit
Create a domain.
Create domain isp1.
huawei(config)#aaa
huawei(config-aaa)#domain isp1
Info: Create a new domain
Reference the authentication scheme.
You can reference an authentication scheme
in a domain only after the authentication scheme is created.
huawei(config-aaa-domain-isp1)#authentication-scheme
newscheme
Reference the RADIUS server template.
You can reference a RADIUS server template
in a domain only after the RADIUS server template is created.
huawei(config-aaa-domain-isp1)#radius-server
template1
huawei(config-aaa-domain-isp1)#quit
Result
User1 in isp1 can be authenticated and can
log in to the MA5600T