Application Scenarios for AAA
Deploying AAA for Internet Access Users
As shown in Figure 1, an enterprise network connects to the Switch through the LAN switch. Users on the enterprise network need to connect to the Internet. To ensure network security, the administrator controls the Internet access rights of the users.
The administrator configures AAA on the Switch to allow the Switch to communicate with the AAA server. The AAA server then can manage users centrally. After a user enters the user name and password on the client, the Switch forwards the authentication information including user name and password to the AAA server, and the AAA server authenticates the user. After being successfully authenticated, the user can access the Internet. The AAA server also records the network resource usage of the user.
To improve reliability, two AAA servers can be deployed in active/standby mode. If the active server fails, the standby server takes over the AAA services, ensuring uninterrupted services.
Deploying AAA for Management Users
As shown in Figure 2, the management user (Administrator) connects to the Switch to manage, configure, and maintain the Switch.
After the management user logs in to the Switch with AAA configured, the Switch sends the user name and password of the user to the AAA server. The AAA server then authenticates the user and records the user operations.
