Configuring 802.1X
grant the access request of the supplicant. After the supplicant gets online, the authenticator
periodically sends handshake requests to the supplicant to check whether the supplicant is
still online. By default, if two consecutive handshake attempts end up with failure, the
authenticator concludes that the supplicant has gone offline and performs the necessary
operations, guaranteeing that the authenticator always knows when a supplicant goes offline.
11) The supplicant can also send an EAPOL-Logoff frame to the authenticator to go offline
unsolicitedly. In this case, the authenticator changes the status of the port from authorized to
unauthorized and sends an EAP-Failure frame to the supplicant.
22.2 Configuring AAA
Finish necessary configuration of domain and RDIUS project of 802.1X authentication.
22.2.1 Configuring RADIUS Server
RADIUS server saves valid user’s identity. When authentication, system transfers user’s
identity to RADIUS server and transfer the validation to user .User accessing to system can
access LAN resources after authentication of RADIUS server.
Table 22-1 Configure RADIUS server
Enter global configuration mode
Enter RAIDUS configuration
primary-auth-ip ipaddr port
second-auth-ip ipaddr port
Configure key string of primary RADIUS
auth-secret-key keystring
Configure key string of second RADIUS
acct -secret-key keystring
Configure NAS-RAIDUS address
Setup the username format
username-format { with-domain |
without-domain }
Configure the times of accounting
22.2.2 Configuring Local User
Client need configure local user name and password.
To Next Page
Loading...
Need help?
General
