Operation Manual – 802.1x-System Guard
H3C S3100 Series Ethernet Switches Chapter 1 802.1x Configuration
1-15
1.3 Basic 802.1x Configuration
1.3.1 Configuration Prerequisites
z Configure ISP domain and the AAA scheme to be adopted. You can specify a
RADIUS scheme or a local scheme.
z Ensure that the service type is configured as lan-access (by using the
service-type command) if local authentication scheme is adopted.
1.3.2 Configuring Basic 802.1x Functions
Table 1-1 Configure basic 802.1x functions
Operation Command Remarks
Enter system view
system-view
—
Enable 802.1x
globally
dot1x
Required
By default, 802.1x is disabled
globally.
In
system
view
dot1x interface interface-list
interface interface-type
interface-number
dot1x
Enable
802.1x
for
specifie
d ports
In port
view
quit
Required
By default, 802.1x is disabled
on all ports.
In
system
view
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
interface interface-type
interface-number
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
Set port
access
control
mode
for
specifie
d ports
In port
view
quit
Optional
By default, an 802.1x-enabled
port operates in the auto
mode.
In
system
view
dot1x port-method
{ macbased | portbased }
[ interface interface-list ]
interface interface-type
interface-number
dot1x port-method
{ macbased | portbased }
Set port
access
method
for
specifie
d ports
In port
view
quit
Optional
The default port access
method is
MAC-address-based (that is,
the macbased keyword is
used by default).
To Next Page
Loading...
Need help?
General