190
# Configure VLANs and IP addresses for the VLAN interfaces, and add ports to specific VLANs.
(Details not shown.)
# Configure the local portal server to support HTTP.
<Switch> system-view
[Switch] portal local-server http
# Configure the IP address of interface loopback 0 as 4.4.4.4.
[Switch] interface loopback 0
[Switch-LoopBack0] ip address 4.4.4.4 32
[Switch-LoopBack0] quit
# Specify the listening IP address of the local portal server for Layer-2 portal authentication as
4.4.4.4.
[Switch] portal local-server ip 4.4.4.4
# Enable Layer-2 portal authentication on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] portal local-server enable
[Switch–Ethernet1/0/1] quit
3. Configure 802.1X authentication:
# Enable 802.1X authentication globally.
[Switch] dot1x
# Enable 802.1X authentication (MAC-based access control required) on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] dot1x port-method macbased
[Switch–Ethernet1/0/1] dot1x
[Switch–Ethernet1/0/1] quit
4. Configure MAC authentication:
# Enable MAC authentication globally.
[Switch] mac-authentication
# Enable MAC authentication on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] mac-authentication
[Switch–Ethernet1/0/1] quit
5. Configure a RADIUS scheme:
# Create a RADIUS scheme named rs1.
[Switch] radius scheme rs1
# Specify the server type for the RADIUS scheme, which must be extended when the IMC server is
used.
[Switch-radius-rs1] server-type extended
# Specify the primary authentication and accounting servers and keys.
[Switch-radius-rs1] primary authentication 1.1.1.2
[Switch-radius-rs1] primary accounting 1.1.1.2
[Switch-radius-rs1] key authentication radius
[Switch-radius-rs1] key accounting radius
# Specify usernames sent to the RADIUS server to carry no domain names.
[Switch-radius-rs1] user-name-format without-domain
[Switch-radius-rs1] quit
To Next Page
Loading...
Need help?
General