1172 CHAPTER 91: PORT SECURITY CONFIGURATION
Network diagram
Figure 353 Network diagram for port security configuration for userLoginWithOUI mode
Configuration procedure
n
■ The following configuration steps cover some AAA/RADIUS configuration
commands. For details about the commands, refer to “Configuring AAA” on
page 758 and “Configuring RADIUS” on page 765.
■ Configurations on the host and RADIUS servers are omitted.
1 Configure the RADIUS protocol
# Create a RADIUS scheme named radsun.
<Switch> system-view
[Switch] radius scheme radsun
# Set the IP addresses of the primary authentication and accounting servers to
192.168.1.1 and 192.168.1.2 respectively.
[Switch-radius-radsun] primary authentication 192.168.1.1
[Switch-radius-radsun] primary accounting 192.168.1.2
# Set the IP addresses of the secondary authentication and accounting servers to
192.168.1.2 and 192.168.1.1 respectively.
[Switch-radius-radsun] secondary authentication 192.168.1.2
[Switch-radius-radsun] secondary accounting 192.168.1.1
# Set the encryption key for the switch to use when interacting with the
authentication server to name.
[Switch-radius-radsun] key authentication name
# Set the encryption key for the switch to use when interacting with the
accounting server to money.
[Switch-radius-radsun] key accounting money
# Set the RADIUS server response timeout time to five seconds and the maximum
number of RADIUS packet retransmission attempts to 5.
[Switch-radius-radsun] timer response-timeout 5
[Switch-radius-radsun] retry 5
Internet
Switch
Host
GE1/0/1
Authentication servers
(192.168.1.1/24
192.168.1.2/24)
To Next Page
Loading...
