EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #113 background imageLoading...
Page #113 background image
102
Configuration procedure
NOTE:
The following configuration procedure covers most AAA/RADIUS configuration commands on the device.
The configuration on the 802.1X client and RADIUS server are not shown. For more information about
A
AA/RADIUS confi
g
uration commands, see
Security Command Reference
.
1. Make sure the 802.1X client can update its IP address after the access port is assigned to the guest
VLAN or a server-assigned VLAN. (Details not shown)
2. Configure the RADIUS server to provide authentication, authorization, and accounting services.
Configure user accounts and server-assigned VLAN, VLAN 5 in this example. (Details not shown)
3. Create VLANs, and assign ports to the VLANs.
<Device> system-view
[Device] vlan 1
[Device-vlan1] port ethernet 1/0/2
[Device-vlan1] quit
[Device] vlan 10
[Device-vlan10] port ethernet 1/0/1
[Device-vlan10] quit
[Device] vlan 2
[Device-vlan2] port ethernet 1/0/4
[Device-vlan2] quit
[Device] vlan 5
[Device-vlan5] port ethernet 1/0/3
[Device-vlan5] quit
4. Configure a RADIUS scheme.
# Configure RADIUS scheme 2000 and enter its view.
<Device> system-view
[Device] radius scheme 2000
# Specify primary and secondary authentication and accounting servers. Set the shared key to abc for
authentication and accounting packets.
[Device-radius-2000] primary authentication 10.11.1.1 1812
[Device-radius-2000] primary accounting 10.11.1.1 1813
[Device-radius-2000] key authentication abc
[Device-radius-2000] key accounting abc
# Exclude the ISP domain name from the username sent to the RADIUS server.
[Device-radius-2000] user-name-format without-domain
[Device-radius-2000] quit
5. Configure an ISP domain.
# Create ISP domain bbb and enter its view.
[Device] domaim bbb
# Apply RADIUS scheme 2000 to the ISP domain for authentication, authorization, and accounting.
[Device-isp-bbb] authentication lan-access radius-scheme 2000
[Device-isp-bbb] authorization lan-access radius-scheme 2000
[Device-isp-bbb] accounting lan-access radius-scheme 2000
[Device-isp-bbb] quit

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals