H3C S7500E Series Ethernet Switches Operation Manual
Operation Manual – 802.1x - MAC Authentication
H3C S7500E Series Ethernet Switches Chapter 3 MAC Authentication Configuration
3-7
User name format is fixed account
Fixed username:aaa
Fixed password:123456
Offline detect period is 180s
Quiet period is 60s.
Server response timeout value is 100s
The max allowed user number is 1024 per slot
Current user number amounts to 1
Current domain is aabbcc.net
Silent Mac User info:
MAC ADDR From Port Port Index
GigabitEthernet2/0/1 is link-up
MAC address authentication is Enabled
Authenticate success: 1, failed: 0
Current online user number is 1
MAC ADDR Authenticate state AuthIndex
00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 29
3.5.2 RADIUS-Based MAC Authentication Configuration Example
I. Network requirements
As illustrated in Figure 3-2, a host is connected to the device through port
GigabitEthernet 2/0/1. The device authenticates the host through the RADIUS server.
z MAC authentication is required on every port to control user access to the Internet.
z Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
II. Network diagram
IP network
GE2/0/1
SwitchHost
Authentication servers
(RADIUS server cluster)
10.1.1.1
10.1.1.2
Figure 3-2 Network diagram for MAC authentication using RADIUS
III. Configuration procedure
1) Configure MAC authentication on the device
# Configure the IP addresses of the interfaces. (Omitted)