Configuring AAA > AAA configuration considerations and task list

AAA configuration considerations and task list

To configure AAA, complete the following tasks on the NAS:

Configure the required AAA schemes:
- Local authentication—Configure local users and the related attributes, including the usernames and passwords, for the users to be authenticated.
- Remote authentication—Configure the required RADIUS, HWTACACS, and LDAP schemes.
Configure AAA methods for the users' ISP domains. Remote AAA methods need to use the configured RADIUS, HWTACACS, and LDAP schemes.

Figure 10: AAA configuration procedure

To configure AAA, perform the following tasks:

Tasks at a glance
(Required.) Perform a minimum one of the following tasks to configure local users or AAA schemes: Configuring local users Configuring RADIUS schemes Configuring HWTACACS schemes Configuring LDAP schemes
(Required.) Configure AAA methods for ISP domains: (Required.) Creating an ISP domain (Optional.) Configuring ISP domain attributes (Required.) Perform a minimum one of the following tasks to configure AAA authentication, authorization, and accounting methods for the ISP domain: Configuring authentication methods for an ISP domain Configuring authorization methods for an ISP domain Configuring accounting methods for an ISP domain
(Optional.) Configuring the session-control feature
(Optional.) Configuring the RADIUS DAE server feature
(Optional.) Changing the DSCP priority for RADIUS packets
(Optional.) Setting the maximum number of concurrent login users
(Optional.) Configuring and applying an ITA policy
(Optional.) Configuring a NAS-ID profile
(Optional.) Configuring the device ID

prev	up	next
FIPS compliance	home	Configuring AAA schemes

© Copyright 2017 Hewlett Packard Enterprise Development LP