hpe:switch:5500:configuration:radius:loguin_local_configuration
Table of Contents
How to configure 3Com switch to support radius or local login for management
Symptoms:
Radius server offline could not login to switch when radius is offline
“Need to have local authentication enabled on switch for fail safe ”
Fixes:
Configure the switch to support both radius device login and local login
Here is the configuration that work on SW5500.
# password-control length 4 password-control history 2 password-control login-attempt 3 exceed lock-time 120 # super password level 3 simple password # local-server nas-ip 127.0.0.1 key 3com # domain default enable 3comdevicelogin # dot1x dot1x timer tx-period 10 dot1x timer handshake-period 1024 dot1x authentication-method eap # radius scheme system # radius scheme 3comapsc server-type standard primary authentication 152.67.101.23 accounting optional key authentication radius user-name-format without-domain nas-ip 152.67.101.54 # radius scheme 3ComDeviceLogin server-type extended primary authentication 152.67.101.39 accounting optional key authentication radius user-name-format without-domain nas-ip 152.67.101.54 # domain 3comdevicelogin scheme radius-scheme 3ComDeviceLogin local domain apsc scheme radius-scheme 3comapsc domain system # local-user admin service-type ssh telnet terminal level 3 password-control aging 90 local-user manager service-type ssh telnet terminal level 2 local-user monitor service-type ssh telnet terminal level 1 #
Notes: The switch support radius login, OR local login, but not both methods
Product(s):
Switch 7700
Router 5000 Series
Router 3000 Series
Router 6000 Series
Switch 8800
Switch 5500
Switch 5500G
Switch 7750
Switch 4500
hpe/switch/5500/configuration/radius/loguin_local_configuration.txt · Last modified: 2021/03/27 13:40 by dgonzalez