H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

571

572

573

574

575

576

577

578

579

580

Operation Manual – AAA & RADIUS & HWTACACS & EAD

H3C S7500 Series Ethernet Switches Chapter 2

EAD Configuration

2-4

2.4 EAD Configuration Example

I. Network requirements

As shown in Figure 2-3:

z A user's workstation is connected to Ethernet 2/0/1 of the switch.

z The user's workstation adopts 802.1X client supporting EAD extended function.

z By configuring the switch, user remote authentication is implemented through

RADIUS server and EAD control is achieved through security policy server.

The following are the configuration tasks:

z Connect the RADIUS authentication server to the switch. The IP address of the

server is 10.110.91.164, and the switch adopts port 1812 to communicate with the

authentication server.

z Configure the authentication server type as extended.

z Configure the encryption password for exchanging messages between the switch

and RADIUS server as expert.

z Configure the IP address of the security policy server as 10.110.91.166.

II. Network diagram

Ethernet 2/0/1

Internet

h Servers

168

ers

User

Security Policy Servers

10.110.91.166

Virus Patc

10.110.91.

Authentication Serv

10.110.91.164

Figure 2-3 EAD configuration exampl

III. Configuration procedure

# Configure 802.1X on the switch. Refer to the 802.1X module in H3C S7500 Series

Ethernet Switches Operation Manual for detailed description.

# Configure a domain.

<H3C> system-view

[H3C] domain system

[H3C-isp-system] quit