3com WX3000 Manuel D’Utilisation

 

1-20 

Figure 1-12 Network diagram for AAA configuration with 802.1x and RADIUS enabled 

 

 

 

Following configuration covers the major AAA/RADIUS configuration commands. Refer to AAA 

Operation Manual for the information about these commands. Configuration on the client and the 

RADIUS servers is omitted. 

 

# Enable 802.1x globally. 

<device> system-view 

System View: return to User View with Ctrl+Z. 

[device] dot1x 

# Enable 802.1x on GigabitEthernet 1/0/1 port. 

[device] dot1x interface GigabitEthernet 1/0/1 

# Set the access control method to be MAC-address-based (This operation can be omitted, as 

MAC-address-based is the default). 

[device] dot1x port-method macbased interface GigabitEthernet 1/0/1 

# Create a RADIUS scheme named “radius1” and enter RADIUS scheme view. 

[device] radius scheme radius1 

# Assign IP addresses to the primary authentication and accounting RADIUS servers. 

[device-radius-radius1] primary authentication 10.11.1.1 

[device-radius-radius1] primary accounting 10.11.1.2 

# Assign IP addresses to the secondary authentication and accounting RADIUS server. 

[device-radius-radius1] secondary authentication 10.11.1.2 

[device-radius-radius1] secondary accounting 10.11.1.1 

# Set the password for the switch and the authentication RADIUS servers to exchange messages. 

[device-radius-radius1] key authentication name 

# Set the password for the switch and the accounting RADIUS servers to exchange messages.