Manualsbrain.com
  1. Manuels
  2. Marques
  3. 3com
  4. WX3000
  5. Manuel D’Utilisation

3com WX3000 Manuel D’Utilisation

Télécharger
Page de 715
 
1-12 
Figure 1-11 802.1x configuration 
ISP domain
configuration
AAA scheme
Local
authentication
RADIUS
scheme
802.1x 
configuration
ISP domain
configuration
AAA scheme
Local
authentication
RADIUS
scheme
802.1x 
configuration
 
 
An 802.1x user uses the domain name to associate with the ISP domain configured on the device.  
Configure the AAA scheme (a local authentication scheme, a RADIUS scheme or a HWTACACS 
scheme) to be adopted in the ISP domain. 
If you specify to use a local authentication scheme, you need to configure the user names and 
passwords manually on the device. Users can pass the authentication through iNode client if they 
provide user names and passwords that match those configured on the device. 
If you specify to adopt the RADIUS scheme, users are authenticated by a remote RADIUS server. 
In this case, you need to configure user names and passwords on the RADIUS server and perform 
RADIUS client-related configuration on the device. 
If you specify to adopt the HWTACACS scheme, users are authenticated by a remote TACACS 
server. In this case, you need to configure user names and passwords on the TACACS server and 
perform HWTACACS client-related configuration on the device. 
You can also specify to adopt the RADIUS or HWTACACS authentication scheme, with a local 
authentication scheme as a backup. In this case, the local authentication scheme is adopted when 
the RADIUS server or the TACACS server fails. 
Refer to the AAA Operation Manual for detailed information about AAA scheme configuration. 
Basic 802.1x Configuration 
Configuration Prerequisites 
Configure ISP domain and the AAA scheme to be adopted. You can specify a RADIUS scheme, a 
HWTACACS scheme, or a local scheme. 
Ensure that the service type is configured as lan-access (by using the service-type command) if 
local authentication scheme is adopted. 
Configuring Basic 802.1x Functions 
Follow these steps to configure basic 802.1x functions: 
To do… 
Use the command… 
Remarks 
Enter system view 
system-view 
— 
Enable 802.1x globally 
dot1x 
Required 
By default, 802.1x is 
disabled globally.