3Com Switch 4800G 24-Port

To Next Page

To Previous Page

734 CHAPTER 50: 802.1X CONFIGURATION

Figure 222 Network diagram when the supplicant passes authentication

Configuration procedure

# Configure RADIUS scheme 2000.

<Sysname> system-view

[Sysname] radius scheme 2000

[Sysname-radius-2000] primary authentication 10.11.1.1 1812

[Sysname-radius-2000] primary accounting 10.11.1.1 1813

[Sysname-radius-2000] key authentication abc

[Sysname-radius-2000] key accounting abc

[Sysname-radius-2000] user-name-format without-domain

[Sysname-radius-2000] quit

# Configure domain system and specify to use RADIUS scheme 2000 for users of

the domain.

[Sysname] domain system

[Sysname-isp-system] authentication default radius-scheme 2000

[Sysname-isp-system] authorization default radius-scheme 2000

[Sysname-isp-system] accounting default radius-scheme 2000

[Sysname-isp-system] quit

# Enable 802.1x globally.

[Sysname] dot1x

# Enable 802.1x for port GigabitEthernet 1/0/1.

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitGigabitEthernet1/0/1] dot1x

# Set the port access control method to portbased.

[Sysname-GigabitGigabitEthernet1/0/1] dot1x port-method portbased

# Set the port access control mode to auto.

Internet

Update server

Authenticator server

Supplicant

VLAN 10

GE1/0/4

VLAN 5

GE1/0/1

VLAN 5

GE1/0/2

VLAN 2

GE1/0/3

VLAN 5

Switch

3Com Switch 4800G 24-Port - Page 734