To Next Page

To Previous Page

3. Assign an IP address to each interface, as shown in Figure 32. (Details not shown.)

4. Configu

re a RADIUS sc

heme:

# Create RADIUS scheme 2000 and enter RADIUS scheme view.

<Device> system-view

[Device] radius scheme 2000

# Specify the server at 10.11.1.1 as the primary authentication server, and set the authentication

port to 1812.

[Device-radius-2000] primary authentication 10.11.1.1 1812

# Specify the server at 10.11.1.2 as the primary accounting server, and set the accounting port to

1813.

[Device-radius-2000] primary accounting 10.11.1.2 1813

# Set the shared key to abc in plain text for secure communication between the authentication

server and the device.

[Device-radius-2000] key authentication simple abc

# Set the shared key to abc in plain text for secure communication between the accounting server

and the device.

[Device-radius-2000] key accounting simple abc

# Exclude the ISP domain name from the usernames sent to the RADIUS server.

[Device-radius-2000] user-name-format without-domain

[Device-radius-2000] quit

5. Configure an ISP domain:

# Create ISP

domain bbb and enter ISP domain view.

[Device] domain bbb

# Apply RADIUS scheme 2000 to the ISP domain for authentication, authorization, and

ccounting.

[Device-isp-bbb] authentication lan-access radius-scheme 2000

[Device-isp-bbb] authorization lan-access radius-scheme 2000

[Device-isp-bbb] accounting lan-access radius-scheme 2000

[Device-isp-bbb] quit

6. Configure a time range named ftp from 8:00 to 18:00 on weekdays.

[Device] time-range ftp 8:00 to 18:00 working-day

7. Configure ACL 3000 to deny packets destined for the FTP server at 10.0.0.1 during the specified

time range.

[Device] acl number 3000

[Device-acl-adv-3000] rule 0 deny ip destination 10.0.0.1 0 time-range ftp

[Device-acl-adv-3000] quit

8. Configure 802.1X:

# Enable 802.1X globally.

[Device] dot1x

# Enable 802.1X on Ten-GigabitEthernet 1/0/1.

[Device] interface ten-gigabitethernet 1/0/1

[Device-Ten-GigabitEthernet1/0/1] dot1x

[Device-Ten-GigabitEthernet1/0/1] quit

Verifying the configuration

# Use the user account to pass authentication. (Details not shown.)

Other manuals for HP FlexFabric 5700 series

Configuration Guide185 pages

Questions and Answers:

Need help?

Do you have a question about the HP FlexFabric 5700 series and is the answer not in the manual?

HP FlexFabric 5700 series Specifications

General

Layer Support	L2/L3
Routing Protocol	OSPF, BGP, RIP, IS-IS, Static Routing
Remote Management Protocol	SNMP, CLI, Web
Features	VXLAN
Compliant Standards	IEEE 802.1D, 802.1Q, 802.1w, 802.1s, 802.3ad
Operating Temperature	0°C to 45°C
Operating Humidity	10% to 90% (non-condensing)
VLANs	4K