3com WX1200 3CRWX120695A User Manual

C

HAPTER

 21: C

ONFIGURING

 AAA 

FOR

 N

ETWORK

 U

SERS

8 Save the configuration:

WX1200# save config
success: configuration saved.

The following example illustrates how to enable RADIUS pass-through 
authentication for all 802.1X network users:

1 Configure the RADIUS server r1 at IP address 10.1.1.1 with the string 

for the key. Type the following command:

WX1200# set radius server r1 address 10.1.1.1 key sunny

2 Configure the server group sg1 with member r1. Type the following 

command:

WX1200# set server group sg1 members r1

3 Enable all 802.1X users of SSID mycorp to authenticate via pass-through 

to server group sg1. Type the following command:

WX1200# set authentication dot1x ssid mycorp * 
pass-through sg1

4 Save the configuration:

WX1200# save config
success: configuration saved.

(For information about setting up RADIUS servers for remote 
authentication, see Chapter 22, “Configuring Communication with 
RADIUS,” on page 519.)

The following example illustrates how to enable local PEAP-MS-CHAP-V2 
authentication for all 802.1X network users. This example includes local 
usernames, passwords, and membership in a VLAN. This example 
includes one username and an optional attribute for a session-timeout in 
seconds.

1 To set authentication for all 802.1X users of SSID thiscorp, type the 

following command:

WX1200# set authentication dot1x ssid thiscorp * peap-mschapv2 local

2 To add user Natasha to the local database on the WX switch, type the 

following command:

WX1200# set user Natasha password moon