EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #204 background imageLoading...
Page #204 background image
193
NOTE:
• Make sure that the terminals, the server, and the switch can reach each other.
• The host of the web user must have a route to the listening IP address of the local portal server.
1. Configure the RADIUS server, and make sure the authentication, authorization, and accounting
functions work normally. In this example, configure on the RADIUS server an 802.1X user (with
username userdot), a portal user (with username userpt), and a MAC authentication user (with a
username and password both being the MAC address of the printer 001588f80dd7).
2. Configure portal authentication.
# Configure VLANs and IP addresses for the VLAN interfaces, and add ports to specific VLANs. (Details
not shown)
# Configure the local portal server to support HTTP.
<Switch> system-view
[Switch] portal local-server http
# Configure the IP address of interface loopback 12 as 4.4.4.4.
[Switch] interface loopback 12
[Switch-LoopBack12] ip address 4.4.4.4 32
[Switch-LoopBack12] quit
# Specify the listening IP address of the local portal server for Layer-2 portal authentication as 4.4.4.4.
[Switch] portal local-server ip 4.4.4.4
# Enable Layer-2 portal authentication on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] portal local-server enable
[Switch–Ethernet1/0/1] quit
3. Configure 802.1X authentication.
# Enable 802.1X authentication globally.
[Switch] dot1x
# Enable 802.1X authentication (MAC-based access control required) on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] dot1x port-method macbased
[Switch–Ethernet1/0/1] dot1x
[Switch–Ethernet1/0/1] quit
4. Configure MAC authentication.
# Enable MAC authentication globally.
[Switch] mac-authentication
# Enable MAC authentication on Ethernet 1/0/1.
[Switch] interface ethernet 1/0/1
[Switch–Ethernet1/0/1] mac-authentication
[Switch–Ethernet1/0/1] quit
5. Configure a RADIUS scheme.
# Create a RADIUS scheme named rs1.
[Switch] radius scheme rs1
# Specify the server type for the RADIUS scheme, which must be extended when the iMC server is used.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals