H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

811

812

813

814

815

816

817

818

819

820

Operation Manual – 802.1x - MAC Authentication

H3C S7500E Series Ethernet Switches Chapter 1 802.1x Configuration

1-22

Internet

Update server

Authenticator server

Supplicant

VLAN 10

Eth2/0/4

VLAN 5

Eth2/0/1

VLAN 5

Eth2/0/2

VLAN 2

Eth2/0/3

VLAN 5

Switch

Figure 1-13 Network diagram when the supplicant passes authentication

III. Configuration procedure

# Configure RADIUS scheme 2000.

<Sysname> system-view

[Sysname] radius scheme 2000

[Sysname-radius-2000] primary authentication 10.11.1.1 1812

[Sysname-radius-2000] primary accounting 10.11.1.1 1813

[Sysname-radius-2000] key authentication abc

[Sysname-radius-2000] key accounting abc

[Sysname-radius-2000] user-name-format without-domain

[Sysname-radius-2000] quit

# Configure domain system and specify to use RADIUS scheme 2000 for users of the

domain.

[Sysname] domain system

[Sysname-isp-system] authentication default radius-scheme 2000

[Sysname-isp-system] authorization default radius-scheme 2000

[Sysname-isp-system] accounting default radius-scheme 2000

[Sysname-isp-system] quit

# Enable 802.1x globally.

[Sysname] dot1x

# Enable 802.1x for port Ethernet 2/0/1.

[Sysname] interface Ethernet 2/0/1

[Sysname-Ethernet2/0/1] dot1x

# Set the port access control method to portbased.