H3C Technologies H3C S3100 Series Switches User Manual

Page 483

Advertising
background image

1-6

# Set the MAC authentication timers.

[Switch] mac-authentication timer offline-detect 180

[Switch] mac-authentication timer quiet 180

# Specify the MAC authentication username format as MAC address, that is, using the MAC address

(with hyphens) of a user as the username and password for MAC authentication of the user.

[Switch] mac-authentication user-name-format mac-address with-hyphen

# Enable MAC authentication on Ethernet 1/0/1, and specify VLAN 2 as the Auth-Fail VLAN

[Switch–Ethernet1/0/1] mac-authentication

[Switch–Ethernet1/0/1] mac-authentication guest-vlan 2

[Switch–Ethernet1/0/1] quit

6) Configure 802.1X authentication

# Enable 802.1X authentication globally.

[Switch] dot1x

# Enable 802.1X authentication (MAC-based access control required) on Ethernet 1/0/1, and specify

VLAN 2 as the Auth-Fail VLAN.

[Switch] interface ethernet1/0/1

[Switch-Ethernet1/0/1] dot1x

[Switch-Ethernet1/0/1] dot1x port-method macbased

[Switch-Ethernet1/0/1] dot1x auth-fail vlan 2

7) Configure Web authentication and related parameters.

# Enable Web authentication globally.

[Switch] web-authentication web-server ip 100.1.1.1 port 8080

[Switch] web-authentication enable

# Enable Web authentication on Ethernet1/0/1, and set it to use VLAN 5 as its Auth-Fail VLAN.

[Switch-Ethernet1/0/1] web-authentication select method extended

[Switch-Ethernet1/0/1] web-authentication auth-fail vlan 5

Advertising
See also other documents in the category H3C Technologies Routers: