You are here: Webhelp 5.5R7 > Object > AAA Server

AAA Server

An AAA server is a server program that handles user requests to access computer resources, and for an enterprise, this server provides authentication, authorization, and accounting (AAA) services. The AAA server typically interacts with network access and gateway servers and with databases and directories containing user information.

Here in StoneOS system, authentication supports the following five types of AAA server:

According to the type of authentication, you need to choose different AAA servers:

  • 802.1x : Only local and Radius servers support these two types of authentication.
  • Configuring IPSec-XAUTH Address Pool: Local, Radius, Ldap, AD and Tacacs+ servers are supported.
  • Other authentication methods mentioned in this guide: all four servers can support the other authentication methods.

Configuring a Local AAA Server

  1. Select Object > AAA Server, and click New > Local Server.
  2. The Local Server dialog box opens.

  3. Click OK.

Configuring Radius Server

  1. Select Object > AAA Server, and select New > Radius Server.
  2. The Radius Sever dialog box opens.

  3. Click OK.

Configuring Active Directory Server

  1. Select Object > AAA Server, and then select New > Active Directory Server.
  2. The Active Directory Server dialog box opens.

  3. Click OK.

Configuring LDAP Server

  1. Select Object > AAA Server, and then select New > LDAP Server.
  2. The LDAP Server dialog box opens.

  3. Click OK.

Configuring TACACS+ Server

  1. Select Object > AAA Server.
  2. Click New > TACACS+ Server, and the TACACS+ Server Configuration dialog box will appear.

Configuring WeChat Server

  1. Select Object > AAA Server.
  2. Click New > WeChat Server, and the WeChat Server Configuration dialog box will appear.

Connectivity Test

When AAA server parameters are configured, you can test if they are correct by testing server connectivity.

To test server connectivity, take the following steps:

  1. Select Object > AAA Server, and click New.
  2. Select your AAA server type, which can be Radius, AD, LDAP or TACACS+. The local server does not need the connectivity test.
  3. After filling out the fields, click Test Connectivity.
  4. For Radius or TACACS+ server, enter a username and password in the popped <Test Connectivity> dialog box. If the server is AD or LDAP, the login-dn and secret is used to test connectivity.
  5. Click Test Connectivity. If "Test connectivity success" message appears, the AAA server settings are correct.

If there is an error message, here are the causes:

  • Connect AAA server timeout: Wrong server address, port or virtual router.
  • AAA server configuration error: Secret is wrong.
  • Wrong name or password: Username or password for testing is wrong.