Displaying and maintaining 802.1x, 1x authentication configuration example – H3C Technologies H3C S12500-X Series Switches User Manual

Page 113

Advertising
background image

101

[Device-radius-radsun] primary accounting 192.168.1.3

[Device-radius-radsun] secondary authentication 192.168.1.3

[Device-radius-radsun] secondary accounting 192.168.1.2

[Device-radius-radsun] key authentication simple name

[Device-radius-radsun] key accounting simple money

[Device-radius-radsun] timer response-timeout 5

[Device-radius-radsun] retry 5

[Device-radius-radsun] timer realtime-accounting 15

[Device-radius-radsun] user-name-format without-domain

[Device-radius-radsun] quit

# Configure ISP domain sun.

[Device] domain sun

[Device-isp-sun] authentication lan-access radius-scheme radsun

[Device-isp-sun] authorization lan-access radius-scheme radsun

[Device-isp-sun] accounting lan-access radius-scheme radsun

[Device-isp-sun] quit

2.

Configure 802.1X:
# Set the 802.1X authentication method to CHAP. (This step is optional. By default, the
authentication method is CHAP for 802.1X.)

[Device] dot1x authentication-method chap

3.

Configure port security:
# Enable port security.

[Device] port-security enable

# Add five OUI values. (You can add up to 16 OUI values. The port permits only one user

matching one of the OUIs to pass authentication.)

[Device] port-security oui index 1 mac-address 1234-0100-1111

[Device] port-security oui index 2 mac-address 1234-0200-1111

[Device] port-security oui index 3 mac-address 1234-0300-1111

[Device] port-security oui index 4 mac-address 1234-0400-1111

[Device] port-security oui index 5 mac-address 1234-0500-1111

# Set the port security mode to userLoginWithOUI.

[Device] interface ten-gigabitethernet 1/0/1

[Device-Ten-GigabitEthernet1/0/1] port-security port-mode userlogin-withoui

[Device-Ten-GigabitEthernet1/0/1] quit

433B

Verifying the configuration

# Display the RADIUS scheme radsun.

[Device] display radius scheme radsun

RADIUS Scheme Name : radsun

Index : 0

Primary Auth Server:

IP : 192.168.1.2 Port: 1812 State: Active

VPN : Not configured

Primary Acct Server:

IP : 192.168.1.3 Port: 1813 State: Active

VPN : Not configured

Second Auth Server:

Advertising
This manual is related to the following products:

H3C S5560 Series Switches, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module, H3C S9800 Series Switches, H3C S5130 Series Switches, H3C S5120 Series Switches

Popular Brands
Popular manuals