3com 2928 Guida Utente
1-20
Figure 1-22
Configure the AAA accounting method for the ISP domain
z
Select the domain name test.
z
Select the Default Accounting checkbox and then select RADIUS as the accounting mode.
z
Select system from the Name drop-down list to use it as the accounting scheme.
z
Click Apply. A configuration progress dialog box appears.
z
After the configuration process is complete, click Close.
ACL Assignment Configuration Example
Network requirements
As shown in
, the switch and the RADIUS authentication servers (iMC servers) work
together to authenticate the host that is to access the Internet. An FTP server is on the Internet, and its
IP address is 10.0.0.1.
IP address is 10.0.0.1.
z
Configure the authentication server to assign ACL 3000.
z
Enable 802.1X for port GigabitEthernet 1/0/1 and configure ACL 3000 on the switch.
After a user passes authentication, the authentication server assigns ACL 3000. At this time, ACL 3000
takes effect on GigabitEthernet 1/0/1, allowing the host to access the Internet but not the FTP server.
takes effect on GigabitEthernet 1/0/1, allowing the host to access the Internet but not the FTP server.
Figure 1-23
Network diagram for ACL assignment
Internet
Switch
Host
Authentication servers
(RADIUS server cluster)
192.168.1.10
Vlan-int2
192.168.1.1/24
FTP server
10.0.0.1
10.1.1.1
10.1.1.2
GE1/0/1