3com WX1200 3CRWX120695A Manuel D’Utilisation
512
C
HAPTER
21: C
ONFIGURING
AAA
FOR
N
ETWORK
U
SERS
Network User
Configuration
Scenarios
Configuration
Scenarios
The following scenarios provide examples of ways in which you use AAA
commands to configure access for users:
commands to configure access for users:
General Use of
Network User
Commands
The following example illustrates how to configure IEEE 802.1X network
users for authentication, accounting, ACL filtering, and Mobility Profile
assignment:
users for authentication, accounting, ACL filtering, and Mobility Profile
assignment:
1 Configure all 802.1X users of SSID mycorp at EXAMPLE to be
authenticated by server group shorebirds. Type the following command:
WX1200# set authentication dot1x ssid mycorp EXAMPLE\* pass-through shorebirds
2 Configure stop-only accounting for all mycorp users at EXAMPLE, for
accounting records to be stored locally. Type the following command:
WX1200# set accounting dot1x ssid mycorp EXAMPLE\* stop-only local
success: change accepted.
success: change accepted.
3 Configure an ACL to filter the inbound packets for each user at
EXAMPLE. Type the following command for each user: <<syntax valid?>>
WX1200# set user EXAMPLE\username attr filter-id = acl-101.in
This command applies the access list named acl-101 to each user at
EXAMPLE.
EXAMPLE.
4 To display the ACL, type the following command:
WX1200# display security acl info acl-101
set security acl ip acl-101 (hits #0 0)
----------------------------------------------------
1. permit IP source IP 192.168.1.1 0.0.0.255 destination IP any enable-hits
set security acl ip acl-101 (hits #0 0)
----------------------------------------------------
1. permit IP source IP 192.168.1.1 0.0.0.255 destination IP any enable-hits
(For more information about ACLs, see Chapter 19, “Configuring and
Managing Security ACLs,” on page 377.)
Managing Security ACLs,” on page 377.)