EasyManuals Logo

HPE FlexFabric 5940 SERIES User Manual

HPE FlexFabric 5940 SERIES
571 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #119 background imageLoading...
Page #119 background image
106
[Device-radius-2000] primary authentication 10.11.1.1 1812
# Specify the server at 10.11.1.1 as the primary accounting server, and set the accounting port
to 1813.
[Device-radius-2000] primary accounting 10.11.1.1 1813
# Set the shared key to abc in plain text for secure communication between the authentication
server and the device.
[Device-radius-2000] key authentication simple abc
# Set the shared key to abc in plain text for secure communication between the accounting
server and the device.
[Device-radius-2000] key accounting simple abc
# Exclude the ISP domain names from the usernames sent to the RADIUS server.
[Device-radius-2000] user-name-format without-domain
[Device-radius-2000] quit
5. Configure an ISP domain:
# Create ISP domain bbb and enter ISP domain view.
[Device] domain bbb
# Apply RADIUS scheme 2000 to the ISP domain for authentication, authorization, and
accounting.
[Device-isp-bbb] authentication lan-access radius-scheme 2000
[Device-isp-bbb] authorization lan-access radius-scheme 2000
[Device-isp-bbb] accounting lan-access radius-scheme 2000
[Device-isp-bbb] quit
6. Configure 802.1X on the access device:
# Enable 802.1X on Ten-GigabitEthernet 1/0/2.
[Device] interface ten-gigabitethernet 1/0/2
[Device-Ten-GigabitEthernet1/0/2] dot1x
# Implement port-based access control on the port.
[Device-Ten-GigabitEthernet1/0/2] dot1x port-method portbased
# Set the port authorization mode to auto. By default, the port uses the auto mode.
[Device-Ten-GigabitEthernet1/0/2] dot1x port-control auto
# Specify VLAN 10 as the 802.1X guest VLAN on Ten-GigabitEthernet 1/0/2.
[Device-Ten-GigabitEthernet1/0/2] dot1x guest-vlan 10
[Device-Ten-GigabitEthernet1/0/2] quit
# Enable 802.1X globally.
[Device] dot1x
Verifying the configuration
# Verify the 802.1X guest VLAN configuration on Ten-GigabitEthernet 1/0/2.
[Device] display dot1x interface ten-gigabitethernet 1/0/2
# Verify that Ten-GigabitEthernet 1/0/2 is assigned to VLAN 10 before any user passes
authentication on the port.
[Device] display vlan 10
# After a user passes authentication, display information on Ten-GigabitEthernet 1/0/2. Verify that
Ten-GigabitEthernet 1/0/2 is assigned to VLAN 5.
[Device] display interface ten-gigabitethernet 1/0/2

Table of Contents

Other manuals for HPE FlexFabric 5940 SERIES

Preview: Configuration Guide
Configuration Guide334 pages
Preview: Fundamentals Command Reference
Fundamentals Command Reference289 pages
Preview: Command Reference
Command Reference139 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexFabric 5940 SERIES and is the answer not in the manual?

HPE FlexFabric 5940 SERIES Specifications

General IconGeneral
BrandHPE
ModelFlexFabric 5940 SERIES
CategorySwitch
LanguageEnglish

Related product manuals