2 example, Xample – GE MULTILINK ML1200 User Manual

Page 130

Advertising
background image

7–6

MULTILINK ML1200 MANAGED FIELD SWITCH – INSTRUCTION MANUAL

ACCESS USING RADIUS

CHAPTER 7: ACCESS USING RADIUS

7.2.2

Example

Example 7-1 demonstrates how to secure the network using port access. Ensure there is
no 802.1x or RADIUS server defined. Only one RADIUS server can be defined for the entire
network.

Example 7-1: Setting port control parameters

802.1X Authenticator Configuration

==================================

Status: Disabled

RADIUS Authentication Server

==================================

IP Address:

0.0.0.0

UDP Port:

1812

Shared Secret:

ML1200#

auth

ML1200(auth)##

setport port=2 status=enable control=forceauth initialize=assert

Successfully set port control parameter(s)

ML1200(auth)##

auth disable

802.1X Authenticator is disabled.

ML1200(auth)##

authserver ip=3.204.240.1 secret=secret

Successfully set RADIUS Authentication Server parameter(s)

ML1200(auth)##

auth enable

802.1X Authenticator is enabled.

ML1200(auth)##

show auth ports

Port

Status

Control

Initialize

Current State

======================================================

1

Enabled

Auto

Deasserted

Authorized

2

Enabled

ForcedAuth

Asserted

Unauthorized

3

Enabled

Auto

Deasserted

Authorized

4

Enabled

Auto

Deasserted

Unauthorized

5

Enabled

Auto

Deasserted

Unauthorized

6

Enabled

Auto

Deasserted

Unauthorized

-- Port not available

ML1200(auth)##

show auth config

802.1X Authenticator Configuration

==================================

Status: Enabled

RADIUS Authentication Server

==================================

IP Address:

3.204.240.1

UDP Port:

1812

Shared Secret:

secret

(continued on following page)

The RADIUS server is on port 2. This port is
authenticated manually. If the RADIUS server is
several hops away, it may be necessary to
authenticate the interconnection ports. Make sure
the

setport port=2 status=enable

control=forceauth initialize=assert

command

is executed before the

auth enable

command.

The

auth disable

command is not

necessary. However, it is shown for
completeness in case a RADIUS
server was defined with a previously
set authentication scheme.

The RADIUS server is
connected on port #2

Advertising
Popular Brands
Popular manuals