You can add, modify, and delete an authentication scheme, authorization scheme, or accounting scheme.
Context
Authentication, Authorization, and Accounting are three independent service processes.
- In the authentication process, a device authenticates the user name, password, or user information of an access request or a service request. The device, however, neither delivers authorization information to the user nor triggers the accounting process. In AAA, a device can adopt only authentication.
- In the authorization process, a device sends authorization requests to the authorization server. After users pass authorization, the device sends authorization information to users. If the authorization scheme is none, users do not need to be authorized. In this case, users passing authentication have the default authority granted by the system.
- In the accounting process, a device sends accounting-start packets, accounting-update packets, or accounting-stop packets to the accounting server. In AAA, an accounting scheme is optional.
Procedure
- Create an authentication scheme.
NOTE: You can create an authentication scheme, authorization scheme, or accounting scheme. Here the authentication scheme is used as an example.
- Modify an authentication scheme.
NOTE:
You can modify an authentication scheme, authorization scheme, or accounting scheme. Here the authentication scheme is used as an example.
- Click
to open the Modify Authentication Scheme page.
NOTE: - Table 1 describes the parameters on the Modify Authentication Scheme page.
- The authentication scheme name cannot be changed.
- Click
- Delete an authentication scheme.
- Select a record that you want to delete and click Delete. The system asks you whether to delete the record.
NOTE:
- To select a record, click the check box of the record.
- To delete records in batches, click the check boxes of the records.
- Select a record that you want to delete and click Delete. The system asks you whether to delete the record.