QTECH QSW-3400 Инструкция по настройке User Manual

+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1

371

Ethernet 1/4 is a trunk port of Switch2, connects to Switch1.

Ethernet 1/1 is an access port, belongs to vlan8, connects to update server to download and

upgrade the client software.

Ethernet 1/2 is an access port, belongs to vlan9, connects to radius server which configure

auto vlan as vlan10.

Ethernet 1/3 is an access port, belongs to vlan10, connects to external internet resources.

To implement this application, the configuration is as follows:

Switch1 configuration:

(1)

Enable 802.1x and MAB authentication function globally, configure username and

password of MAB authentication and radius-server address
Switch(config)# dot1x enable
Switch(config)# mac-authentication-bypass enable
Switch(config)#mac-authentication-bypass

username-format

fixed

username mabuser password mabpwd
Switch(config)#vlan 8-10
Switch(config)#interface vlan 9
Switch(config-if-vlan9)ip address 192.168.61.9 255.255.255.0
Switch(config-if-vlan9)exit
Switch(config)#radius-server authentication host 192.168.61.10
Switch(config)#radius-server accounting host 192.168.61.10
Switch(config)#radius-server key test
Switch(config)#aaa enable
Switch(config)#aaa-accounting enable

(2)

Enable the authentication function of each port

Switch(config)#interface ethernet 1/1
Switch(config-if-ethernet1/1)#dot1x enable
Switch(config-if-ethernet1/1)#dot1x port-method portbased
Switch(config-if-ethernet1/1)#dot1x guest-vlan 8
Switch(config-if-ethernet1/1)#exit

Switch(config)#interface ethernet 1/2
Switch(config-if-ethernet1/2)#switchport mode hybrid
Switch(config-if-ethernet1/2)#switchport hybrid native vlan 1
Switch(config-if-ethernet1/2)#switchport hybrid allowed vlan 1;8;10
untag
Switch(config-if-ethernet1/2)#mac-authentication-bypass enable