Configuration Guide 802.1x Configuration
Application of port-based 1X authentication and IP authorization
Network Topology
Figure15 topology for port-based 1X authentication and IP authorization
Networking Requirements
The client accesses network through 802.1x authentication. RADIUS server is the authentication server. The following
application needs must be met:
1) When the active server fails due to certain reason, the device can automatically submit authentication request to the
next server in the method list.
2) When a user connected to one port of device passes the authentication, all users connected to this port will be able
to access network freely.
3) Dynamic user is not allowed to move between multiple authentication ports.
4) The IP of an authenticated user must be assigned by the RADIUS Server, namely the authenticated user can only
use the IP specified by RADIUS Server to access network.
Configuration Tips
Turn on AAA switch and configure the communication between device and RADIUS SERVER;
Configure 802.1X authentication and configure the device port for client access as controlled port;
Configure active/standby server group
Configure the control mode of user authentication under the corresponding port as port-based authentication;
Configure to prohibit dynamic user from moving between ports;
Configure IP authorization mode as radius Server mode.
Configuration Steps
Configure access switch "SwitchA":
! Turn on AAA switch
Ruijie(config)#aaa new-model
To Next Page
Loading...
