EasyManuals Logo

H3C S5120-EI Series User Manual

H3C S5120-EI Series
1166 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #651 background imageLoading...
Page #651 background image
1-21
[Device-isp-aabbcc.net] authentication default radius-scheme radius1 local
[Device-isp-aabbcc.net] authorization default radius-scheme radius1 local
[Device-isp-aabbcc.net] accounting default radius-scheme radius1 local
# Set the maximum number of users for the domain as 30.
[Device-isp-aabbcc.net] access-limit enable 30
# Enable the idle cut function and set the idle cut interval.
[Device-isp-aabbcc.net] idle-cut enable 20
[Device-isp-aabbcc.net] quit
# Configure aabbcc.net as the default domain.
[Device] domain default enable aabbcc.net
# Enable 802.1X globally.
[Device] dot1x
# Enable 802.1X for port GigabitEthernet 1/0/1.
[Device] interface GigabitEthernet 1/0/1
[Device-GigabitEthernet1/0/1] dot1x
[Device-GigabitEthernet1/0/1] quit
# Set the port access control method. (Optional. The default settings meet the requirement.)
[Device] dot1x port-method macbased interface GigabitEthernet 1/0/1
Guest VLAN and VLAN Assignment Configuration Example
Network requirements
As shown in Figure 1-11:
z A host is connected to port GigabitEthernet 1/0/2 of the device and must pass 802.1X
authentication to access the Internet. GigabitEthernet 1/0/2 is in VLAN 1.
z The authentication server runs RADIUS and is in VLAN 2.
z The update server, which is in VLAN 10, is for client software download and upgrade.
z Port GigabitEthernet 1/0/3 of the device, which is in VLAN 5, is for accessing the Internet.
As shown in
Figure 1-12:
z On port GigabitEthernet 1/0/2, enable 802.1X and set VLAN 10 as the guest VLAN of the port. If the
device sends an EAP-Request/Identity packet from the port for the maximum number of times but
still receives no response, the device adds the port to its guest VLAN. In this case, the host and the
update server are both in VLAN 10, so that the host can access the update server and download
the 802.1X client.
As shown in
Figure 1-13:
z After the host passes the authentication and logs in, the host is added to VLAN 5. In this case, the
host and GigabitEthernet 1/0/3 are both in VLAN 5, so that the host can access the Internet.

Table of Contents

Other manuals for H3C S5120-EI Series

Preview: Installation Manual
Installation Manual96 pages
Preview: Command Reference
Command Reference242 pages
Preview: Installation Guide
Installation Guide63 pages
Preview: Configuration Guide
Configuration Guide144 pages
Preview: Configuration Commands
Configuration Commands29 pages
Preview: Irf Command Reference
Irf Command Reference32 pages
Preview: Installation, Quick Start
Installation, Quick Start31 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the H3C S5120-EI Series and is the answer not in the manual?

H3C S5120-EI Series Specifications

General IconGeneral
BrandH3C
ModelS5120-EI Series
CategorySwitch
LanguageEnglish

Related product manuals