EasyManuals Logo

Huawei Quidway S3500 Series User Manual

Huawei Quidway S3500 Series
671 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #476 background imageLoading...
Page #476 background image
Operation Manual - Security
Quidway S3500 Series Ethernet Switches Chapter 1 802.1x Configuration
Huawei Technologies Proprietary
1-7
information to RADIUS server in the form of EAP packets directly and RADIUS server
must support EAP authentication).
For EAP authentication, PEAP, EAP-TLS and EAP-MD5 methods are available on the
switch:
z EAP-TLS: The client and RADIUS server check in EAP-TLS approach mutually
the security certificate authority of the other’s, to guarantee the validity of the
certificates and prevent data from being illegally used.
z PEAP: As a kind of EAP protocol, protected EAP (PEAP) first establishes an
encrypted transport layer security (TLS) channel to provide integrity protection,
and then initiates a new type of EAP negotiation, to accomplish identity
authentication to the client.
 Note:
For EAP authentication, the S3552G, S3552P, S3528G, S3528P, S3526E, S3526E
FM, S3526E FS and S3526C switches support the PEAP, EAP-TLS, and EAP-MD5
authentication. To enable any of the three, you just need to enable the EAP
authentication. However, the S3526, S3526 FM, and S3526 FS switches support
EAP-MD5 authentication only.
Perform the following configurations in system view.
Table 1-7 Configuring the authentication method for 802.1x user
Operation Command
Configure authentication method for
802.1x user (For S3552G, S3552P,
S3528G, S3528P, S3526E, S3526E FM,
S3526E FS and S3526C)
dot1x authentication-method { chap |
pap | eap }
Configure authentication method for
802.1x user (For S3526, S3526 FM and
S3526 FS)
dot1x authentication-method { chap |
pap | eap md5-challenge }
Restore the default authentication
method for 802.1x user
undo dot1x authentication-method
By default, CHAP authentication is used for 802.1x user authentication.
1.2.8 Enabling/Disabling Guest VLAN
After the Guest VLAN function is enabled, the switch broadcasts active authentication
packets to all ports on which 802.1x are enabled. If there is still some ports do not return
response packets after being re-authenticated for maximum times, the switch adds this

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Huawei Quidway S3500 Series and is the answer not in the manual?

Huawei Quidway S3500 Series Specifications

General IconGeneral
BrandHuawei
ModelQuidway S3500 Series
CategoryNetwork Router
LanguageEnglish

Related product manuals