Hà Nội: NTT03, Line 1, Thống Nhất Complex, 82 Nguyễn Tuân, Thanh Xuân, Hà Nội. ● HCM: Số 31B, Đường 1, Phường An Phú, Quận 2 (Thủ Đức), TP HCM. ===> Đơn Vị Hàng Đầu Trong Lĩnh Vực Cung Cấp Thiết Bị Security - Network - Wifi - CCTV - Conference - Máy chủ Server - Lưu trữ Storge.
Danh mục sản phẩm

Configure Telnet User Level Switching to Use RADIUS Authentication

Network Requirements

  1. Device is connected to the Telnet and RADIUS server and the IP route is available.
  2. The IP address of the RADIUS server is 2.0.0.2/24, the authentication/authorization port is 1812, and the share key is admin.
  3. When the user level switches from 1 to 3 after Telnet user logs in to Device, it is required to authenticate via RADIUS server.

Network Topology

Networking of configuring Telnet user level switching to use RADIUS authentication

Figure 3-5 Networking of configuring Telnet user level switching to use RADIUS authentication

Configuration Steps

Step 1: Configure VLAN, and add the port to the corresponding VLAN. (omitted)

Step 2: Configure the IP address of the interface.(Omitted)

Step 3: Configure Device.

#Configure the user level switching to use the RADIUS authentication.

Device#configure terminal
Device(config)#aaa authentication enable-method radius-group radius-group
Device(config)#domain system
Device(config-isp-system)#aaa authentication login radius-group radius-group local
Device(config-isp-system)#exit

#Configure the RADIUS server, the authentication port is 1812, and the share key is admin.

Device(config)#aaa server group radius radius-group
Device(config-sg-radius-radius-group)#server 2.0.0.2 auth-port 1812 acct-port 1813 key admin
Device(config-sg-radius-radius-group)#exit
Device(config)#line vty 0 15
Device(config-line)#login aaa
Device(config-line)#exit

Step 4: Configure the RADIUS server.

For the interface setting of the RADIUS server, refer to the help document of the server. The following lists the main steps.

#Add the user name $enab3$ with user level 3 and set the password as admin.

note


  • User level switching is fixed to use the user name in the format of $enabLEVEL$ for authentication. LEVEL is the level that the user wants to switch to.
  • When the user level is reduced, do not need authentication.

Step 5: Check the result.

After Telnet user inputs the user name and password to log in according to the prompt, the user level is 1 by default. After executing the command enable 3, input the password admin. After being authenticated by RADIUS server successfully, the user level is switched to 3.