Configuring radius scheme system – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

292

Perform MAC authentication on port GigabitEthernet 2/0/1 to control Internet access. Ensure that an

authenticated user can access the Internet but the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are not hyphenated.

Figure 268 Network diagram

NOTE:

On the RADIUS server add a user account with the host MAC address unhyphenated as both the
username and password, and specify ACL 3000 as the authorization ACL for the user account.

Configuring RADIUS scheme system

1.

From the navigation tree, select Authentication > RADIUS.

Figure 269

shows the RADIUS server configuration page.

2.

Configure the authentication server:

a.

Select the server type Primary Authentication.

b.

Type the IP address 10.1.1.1, and type the port number 1812.

c.

Select active as the primary server status.

d.

Click Apply.

Figure 269 Configure a RADIUS authentication server

Internet

Switch

Host

192.168.1.10

GE2/0/1

FTP server

10.0.0.1

RADIUS servers

Auth:10.1.1.1
Acct:10.1.1.2