H3C S7500E Series Ethernet Switches Operation Manual
Operation Manual – 802.1x - MAC Authentication
H3C S7500E Series Ethernet Switches Chapter 3 MAC Authentication Configuration
3-8
# Configure a RADIUS scheme.
<Sysname> system-view
[Sysname] radius scheme 2000
[Sysname-radius-2000] primary authentication 10.1.1.1 1812
[Sysname-radius-2000] primary accounting 10.1.1.2 1813
[Sysname-radius-2000] key authentication abc
[Sysname-radius-2000] key accounting abc
[Sysname-radius-2000] user-name-format without-domain
[Sysname-radius-2000] quit
# Specify the AAA schemes for the ISP domain.
[Sysname] domain 2000
[Sysname-isp-2000] authentication default radius-scheme 2000
[Sysname-isp-2000] authorization default radius-scheme 2000
[Sysname-isp-2000] accounting default radius-scheme 2000
[Sysname-isp-2000] quit
# Enable MAC authentication globally.
[Sysname] mac-authentication
# Enable MAC authentication for port GigabitEthernet 2/0/1.
[Sysname] mac-authentication interface gigabitEthernet 2/0/1
# Specify the ISP domain for MAC authentication.
[Sysname] mac-authentication domain 2000
# Set the MAC authentication timers.
[Sysname] mac-authentication timer offline-detect 180
[Sysname] mac-authentication timer quiet 3
[Sysname] mac-authentication user-name-format fixed account aaa password
simple 123456
2) Verify the configuration
# Display global MAC authentication information.
<Sysname> display mac-authentication
MAC address authentication is Enabled.
User name format is fixed account
Fixed username:aaa
Fixed password:123456
Offline detect period is 180s
Quiet period is 60s.
Server response timeout value is 100s
The max allowed user number is 1024 per slot
Current user number amounts to 1
Current domain is 2000