3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module

921

922

923

924

925

926

927

928

929

930

930 CHAPTER 71: 802.1X CONFIGURATION

Network diagram

Figure 274 Network diagram for 802.1x configuration

Configuration procedure

The following configuration procedure covers most AAA/RADIUS configuration

commands for the authenticator, while configuration on the supplicant and

RADIUS server are omitted. For information about AAA/RADIUS configuration

commands, refer to

“AAA, RADIUS and HWTACACS Configuration” on page 879.

# Add local access user localuser, enable the idle cut function, and set the idle cut

interval.

<Sysname> system-view

[Sysname] local-user localuser

[Sysname-luser-localuser] service-type lan-access

[Sysname-luser-localuser] password simple localpassword

[Sysname-luser-localuser] attribute idle-cut 20

[Sysname-luser-localuser] quit

# Create RADIUS scheme radius1 and enter its view.

[Sysname] radius scheme radius1

# Configure the IP addresses of the primary authentication and accounting

RADIUS servers.

[Sysname-radius-radius1] primary authentication 10.11.1.1

[Sysname-radius-radius1] primary accounting 10.11.1.2

# Configure the IP addresses of the secondary authentication and accounting

RADIUS servers.

[Sysname-radius-radius1] secondary authentication 10.11.1.2

[Sysname-radius-radius1] secondary accounting 10.11.1.1

# Specify the shared key for the switch to exchange packets with the

authentication server.

[Sysname-radius-radius1] key authentication name

# Specify the shared key for the switch to exchange packets with the accounting

server.

Internet

Switch

Authenticator

Supplicant

Ethernet3 /1/1

Authentication servers

(IP address 10.11.1.1

10.11.1.2)