Huawei device configuration and interconnection ToughRADIUS
Huawei's BRAS (Broadband Remote Access Server) such as the ME60 series, the detailed process and command line operations for connecting to the ToughRADIUS (Remote Authentication Dial-In User Service) server mainly involve the following steps:
1. Basic configuration
Configure terminal parameters: such as setting the terminal's baud rate, data bits, etc.
system-view
user-interface console 0
idle-timeout minutes [seconds]
screen-length 0 temporary
2. Create RADIUS server template
Configure RADIUS server address and key: Specify the IP address and shared key of the RADIUS server.
radius-server template [template name]
radius-server shared-key cipher [shared key]
radius-server authentication [server IP address] [port number] weight [weight]
radius-server accounting [server IP address] [port number] weight [weight]
radius-server retransmit [number of retransmits]
radius-server timeout [timeout]
3. Configure AAA (Authentication, Authorization, and Accounting)
Configure AAA view: Enable the AAA function and specify the authentication method as RADIUS.
aaa
authentication-scheme [scheme name]
authentication-mode radius
accounting-scheme [scheme name]
accounting-mode radius
domain default
authentication-scheme [scheme name]
accounting-scheme [scheme name]
4. Configure user interface
Configure virtual template: used for PPPoE or IPoE access.
interface Virtual-Template [template number]
ppp authentication-mode [authentication scheme name]
ip address pool [address pool name]
5. Configure address pool
Configure Address Allocation: Configure an IP address pool for dial-up users.
ip pool [address pool name] bas local
gateway [gateway IP]
network [network address] mask [subnet mask]
6. Configure VLAN and interface
Configure VLAN interface: Configure the VLAN used for Internet access.
interface GigabitEthernet[interface number]
port link-type access
port default vlan [VLAN ID]
7. Debugging and Testing
Test authentication and accounting functions: Try dialing to check whether RADIUS authentication and accounting are normal.
display radius-server statistics [template name]
display aaa online-fail-record
Precautions
Ensure network connectivity: Ensure that BRAS can communicate normally with the RADIUS server.
Key consistency: Ensure that the shared keys configured on the RADIUS server and BRAS are completely consistent.
Version compatibility: Check whether the software versions of Huawei BRAS and RADIUS servers are compatible.
This process is a basic guide, and the specific configuration may vary based on the actual needs of the network and the specific model of the device. During the configuration process, please refer to Huawei's official documentation or consult technical support to ensure correct configuration.
After you complete the BRAS configuration, you need to create a corresponding VPE device in ToughRADIUS. Then create a corresponding PPPoE user in ToughRADIUS, and finally create a PPPoE connection on the client device and use the PPPoE username and password to perform a dial-up test.
Last updated
Was this helpful?