2 example, Xample – GE MULTILINK ML2400 User Manual

Page 130

Advertising
background image

7–6

MULTILINK ML2400 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL

ACCESS USING RADIUS

CHAPTER 7: ACCESS USING RADIUS

7.2.2

Example

Example 7-1 demonstrates how to secure the network using port access. Ensure there is
no 802.1x or RADIUS server defined. Only one RADIUS server can be defined for the entire
network.

Example 7-1: Setting port control parameters

802.1X Authenticator Configuration

==================================

Status: Disabled

RADIUS Authentication Server

==================================

IP Address:

0.0.0.0

UDP Port:

1812

Shared Secret:

ML2400#

auth

ML2400(auth)##

setport port=2 status=enable control=forceauth initialize=assert

Successfully set port control parameter(s)

ML2400(auth)##

auth disable

802.1X Authenticator is disabled.

ML2400(auth)##

authserver ip=3.204.240.1 secret=secret

Successfully set RADIUS Authentication Server parameter(s)

ML2400(auth)##

auth enable

802.1X Authenticator is enabled.

ML2400(auth)##

show auth ports

Port

Status

Control

Initialize

Current State

======================================================

1

Enabled

Auto

Deasserted

Authorized

2

Enabled

ForcedAuth

Asserted

Unauthorized

3

Enabled

Auto

Deasserted

Authorized

4

Enabled

Auto

Deasserted

Unauthorized

5

Enabled

Auto

Deasserted

Unauthorized

6

Enabled

Auto

Deasserted

Unauthorized

7

Enabled

Auto

Deasserted

Unauthorized

8

Enabled

Auto

Deasserted

Unauthorized

9

Enabled

Auto

Deasserted

Unauthorized

10

Enabled

Auto

Deasserted

Unauthorized

11

Enabled

Auto

Deasserted

Unauthorized

12

Enabled

Auto

Deasserted

Unauthorized

13

Enabled

Auto

Deasserted

Unauthorized

14

Enabled

Auto

Deasserted

Unauthorized

15

Enabled

Auto

Deasserted

Unauthorized

16

Enabled

Auto

Deasserted

Unauthorized

-- Port not available

ML2400(auth)##

show auth config

802.1X Authenticator Configuration

==================================

Status: Enabled

RADIUS Authentication Server

==================================

IP Address:

3.204.240.1

UDP Port:

1812

Shared Secret:

secret

(continued on following page)

The RADIUS server is on port 2. This port is
authenticated manually. If the RADIUS server is
several hops away, it may be necessary to
authenticate the interconnection ports. Make sure
the

setport port=2 status=enable

control=forceauth initialize=assert

command

is executed before the

auth enable

command.

The

auth disable

command is not

necessary. However, it is shown for
completeness in case a RADIUS
server was defined with a previously
set authentication scheme.

The RADIUS server is
connected on port #2

Advertising
Popular Brands
Popular manuals