1-15
# Configure ISP domain
sun
to use RADIUS scheme
radsun
for authentication, authorization, and
accounting of all types of users. Specify that the ISP domain can contain up to 30 users.
[Switch] domain sun
[Switch-isp-sun] authentication default radius-scheme radsun
[Switch-isp-sun] authorization default radius-scheme radsun
[Switch-isp-sun] accounting default radius-scheme radsun
[Switch-isp-sun] access-limit enable 30
[Switch-isp-sun] quit
2) Configure
802.1X
# Set the 802.1X authentication method to CHAP. (This configuration is optional. By default, the
authentication mehtod is CHAP for 802.1X.)
[Switch] dot1x authentication-method chap
3) Configure port security
# Enable port security.
[Switch] port-security enable
# Add five OUI values.
[Switch] port-security oui 1234-0100-1111 index 1
[Switch] port-security oui 1234-0200-1111 index 2
[Switch] port-security oui 1234-0300-1111 index 3
[Switch] port-security oui 1234-0400-1111 index 4
[Switch] port-security oui 1234-0500-1111 index 5
[Switch] interface gigabitethernet 2/0/1
# Set the port security mode to userLoginWithOUI.
[Switch-GigabitEthernet2/0/1] port-security port-mode userlogin-withoui
4) Verify the configuration
After completing the above configurations, you can use the following command to view the
configuration information of the RADIUS scheme named
radsun
:
<Switch> display radius scheme radsun
SchemeName : radsun
Index : 1 Type : standard
Primary Auth Server:
IP: 192.168.1.2 Port: 1812 State: active
Primary Acct Server:
IP: 192.168.1.3 Port: 1813 State: active
Second Auth Server:
IP: 192.168.1.3 Port: 1812 State: active
Second Acct Server:
IP: 192.168.1.2 Port: 1813 State: active
Auth Server Encryption Key : name
Acct Server Encryption Key : money
Interval for timeout(second) : 5
Retransmission times for timeout : 5
Interval for realtime accounting(minute) : 15
Retransmission times of realtime-accounting packet : 5
Retransmission times of stop-accounting packet : 500
Содержание S7906E - Switch
Страница 82: ...1 4 DeviceA interface tunnel 1 DeviceA Tunnel1 service loopback group 1...
Страница 200: ...1 11 DeviceB display vlan dynamic No dynamic vlans exist...
Страница 494: ...ii Displaying and Maintaining Tunneling Configuration 1 45 Troubleshooting Tunneling Configuration 1 45...
Страница 598: ...ii...
Страница 1757: ...4 9...
Страница 1770: ...6 4...
Страница 2017: ...2 11 Figure 2 3 SFTP client interface...
Страница 2062: ...i Table of Contents 1 URPF Configuration 1 1 URPF Overview 1 1 What is URPF 1 1 How URPF Works 1 1 Configuring URPF 1 2...
Страница 2238: ...1 16 DeviceA cfd linktrace service instance 1 mep 1001 target mep 4002...
Страница 2442: ...2 4 Set the interval for sending Syslog or trap messages to 20 seconds Device mac address information interval 20...