Port Security Configuration Examples 1173
# Set the interval at which the switch sends real-time accounting packets to the
RADIUS server to 15 minutes.
[Switch-radius-radsun] timer realtime-accounting 15
# Specify that the switch sends user names without domain names to the RADIUS
server.
[Switch-radius-radsun] user-name-format without-domain
[Switch-radius-radsun] quit
# Create an ISP domain named sun and enter its view.
[Switch] domain sun
# Configure the ISP domain to use RADIUS scheme radsun as its default RADIUS
scheme.
[Switch-isp-sun] authentication default radius-scheme radsun
# Allow the ISP domain to accommodate up to 30 users.
[Switch-isp-sun] access-limit enable 30
[Switch-isp-sun] quit
2 Configure port security
# Enable port security.
[Switch] port-security enable
# Add five OUI values.
[Switch] port-security oui 1234-0100-1111 index 1
[Switch] port-security oui 1234-0200-1111 index 2
[Switch] port-security oui 1234-0300-1111 index 3
[Switch] port-security oui 1234-0400-1111 index 4
[Switch] port-security oui 1234-0500-1111 index 5
[Switch] interface gigabitethernet 1/0/1
# Set the port security mode to userLoginWithOUI.
[Switch-GigabitEthernet1/0/1] port-security port-mode userlogin-withoui
3 Verify the configuration
After completing the above configurations, you can use the following command
to view the configuration information of the RADIUS scheme named radsun:
<Switch> display radius scheme radsun
SchemeName = radsun
Index = 0 Type = standard
Primary Auth IP = 192.168.1.1 Port = 1812 State = active
Primary Acct IP = 192.168.1.2 Port = 1813 State = active
Second Auth IP = 192.168.1.2 Port = 1812 State = active
Second Acct IP = 192.168.1.1 Port = 1813 State = active
Auth Server Encryption Key = name
Acct Server Encryption Key = money
Accounting-On packet disable, send times = 5 , interval = 3s
Interval for timeout(second) = 5
To Next Page
Loading...
