Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
441442443444445446447448449450
43
Figure 140 Network diagram
Configuration procedure
1. Add all ports on Router B into VLAN 10, and configure the IP address of VLAN-interface 10 on
Router A. (Details not shown.)
2. Configure the DHCP server on Router A.
<RouterA> system-view
[RouterA] dhcp enable
[RouterA] dhcp server ip-pool 0
[RouterA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
3. Configure Host A and Host B as 802.1X clients and configure them to upload IP addresses for ARP
detection. (Details not shown.)
4. Configure Router B:
# Enable the 802.1X function.
<RouterB> system-view
[RouterB] dot1x
[RouterB] interface gigabitethernet 3/0/1
[RouterB-GigabitEthernet3/0/1] port link-mode bridge
[RouterB-GigabitEthernet3/0/1] dot1x
[RouterB-GigabitEthernet3/0/1] quit
[RouterB] interface gigabitethernet 3/0/2
[RouterB-GigabitEthernet3/0/2] port link-mode bridge
[RouterB-GigabitEthernet3/0/2] dot1x
[RouterB-GigabitEthernet3/0/2] quit
# Add a local user test.
[RouterB] local-user test
[RouterB-luser-test] service-type lan-access
[RouterB-luser-test] password simple test
[RouterB-luser-test] quit
# Enable ARP detection for VLAN 10 to check user validity based on 802.1X entries.
[RouterB] vlan 10
[RouterB-vlan10] arp detection enable