Manualshelf

H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
831832833834835836837838839840
Operation Manual – 802.1x - MAC Authentication
H3C S7500E Series Ethernet Switches Chapter 3 MAC Authentication Configuration
3-9
Silent Mac User info:
MAC ADDR From Port Port Index
GigabitEthernet2/0/1 is link-up
MAC address authentication is Enabled
Authenticate success: 1, failed: 0
Current online user number is 1
MAC ADDR Authenticate state AuthIndex
00e0-fc12-3456 MAC_AUTHENTICATOR_SUCCESS 29
3.5.3 ACL Assigning Configuration Example
I. Network requirements
As shown in Figure 3-3, a host is connected to port Ethernet 2/0/1 of the switch and
must pass MAC authentication to access the Internet.
z Configure the RADIUS server to assign ACL 3000.
z Enable MAC authentication on port Ethernet 2/0/1 of the switch, and configure
ACL 3000.
After the host passes MAC authentication, the RADIUS server assigns ACL 3000 to
port Ethernet 2/0/1. As a result, the host can access the Internet but cannot access the
FTP server, whose IP address is 10.0.0.1.
II. Network diagram
Figure 3-3 Network diagram for ACL assigning
III. Configuration procedure
# Configure the IP addresses of the interfaces. (Omitted)
# Configure the RADIUS scheme.
<Sysname> system-view
[Sysname] radius scheme 2000
[Sysname-radius-2000] primary authentication 10.1.1.1 1812
[Sysname-radius-2000] primary accounting 10.1.1.2 1813
[Sysname-radius-2000] key authentication abc