1-37AAA for Telnet Users by Separate ServersNetwork requirementsAs shown in Figure 1-8, configure the switch to provide local authentication, HWTACACS authorization,and RADIUS accounting services to Telnet users. The user name and the password for Telnet users areboth hello.z The HWTACACS server is used for authorization. Its IP address is 10.1.1.2. On the switch, set theshared keys for packets exchanged with the HWTACACS server to expert. Configure the switch toremove the domain name from a user name before sending the user name to the HWTACACSserver.z The RADIUS server is used for accounting. Its IP address is 10.1.1.1. On the switch, set the sharedkeys for packets exchanged with the RADIUS server to expert.Configuration of separate AAA for other types of users is similar to that given in this example. The onlydifference lies in the access type.Figure 1-8 Configure AAA by separate servers for Telnet usersConfiguration procedure# Configure the IP addresses of various interfaces (omitted).# Enable the Telnet server on the switch. system-view[Switch] telnet server enable# Configure the switch to use AAA for Telnet users.[Switch] user-interface vty 0 4[Switch-ui-vty0-4] authentication-mode scheme[Switch-ui-vty0-4] quit# Configure the HWTACACS scheme.[Switch] hwtacacs scheme hwtac[Switch-hwtacacs-hwtac] primary authorization 10.1.1.2 49[Switch-hwtacacs-hwtac] key authorization expert[Switch-hwtacacs-hwtac] user-name-format without-domain[Switch-hwtacacs-hwtac] quit# Configure the RADIUS scheme.[Switch] radius scheme rd