3com 4210 PWR 9-Port 3CR17341-91-ME User Manual
Product codes
3CR17341-91-ME
230
C
HAPTER
17: 802.1
X
C
ONFIGURATION
Network diagram
Figure 76 Network diagram for AAA configuration with 802.1x and RADIUS enabled
Configuration procedure
n
Following configuration covers the major AAA/RADIUS configuration commands.
Refer to “AAA Configuration” on page 245 for the information about these
commands. Configuration on the client and the RADIUS servers is omitted.
Refer to “AAA Configuration” on page 245 for the information about these
commands. Configuration on the client and the RADIUS servers is omitted.
# Enable 802.1x globally.
<4210> system-view
System View: return to User View with Ctrl+Z.
[4210] dot1x
# Enable 802.1x on Ethernet 1/0/1 port.
[4210] dot1x interface Ethernet 1/0/1
# Set the access control method to be MAC-address-based (This operation can be
omitted, as MAC-address-based is the default).
omitted, as MAC-address-based is the default).
[4210] dot1x port-method macbased interface Ethernet 1/0/1
# Create a RADIUS scheme named "radius1" and enter RADIUS scheme view.
[4210] radius scheme radius1
# Assign IP addresses to the primary authentication and accounting RADIUS
servers.
servers.
[4210-radius-radius1] primary authentication 10.11.1.1
[4210-radius-radius1] primary accounting 10.11.1.2
# Assign IP addresses to the secondary authentication and accounting RADIUS
server.
server.
[4210-radius-radius1] secondary authentication 10.11.1.2
[4210-radius-radius1] secondary accounting 10.11.1.1
# Set the password for the switch and the authentication RADIUS servers to
exchange messages.
exchange messages.
IP network
Supplicant
Authenticator
Ethernet 1/0/1
Authentication Servers
(IP Address:
10.11.1.1
10.11.1.2)
Switch