Netgear M5300-52G-POE+ (GSM7252PSv1h2) - ProSAFE 48+4 L2+ POE Stackable Managed Switch 관리자 가이드
Security Management
365
Managed Switches
The following example shows how to authenticate the dot1x users by a RADIUS server. The
management IP address is 10.100.5.33/24. The example is shown as CLI commands and as
a web interface procedure.
management IP address is 10.100.5.33/24. The example is shown as CLI commands and as
a web interface procedure.
CLI: Authenticating dot1x Users by a RADIUS Server
1.
Assign an IP address to 1/0/19, and set force authorized mode to this port, and create a
user name list dot1xList.
(Netgear Switch) #config
(Netgear Switch) (Config)#ip routing
(Netgear Switch) (Config)#interface 1/0/1
(Netgear Switch) (Interface 1/0/1)#routing
(Netgear Switch) (Interface 1/0/1)#ip address 192.168.1.1 255.255.255.0
(Netgear Switch) (Config)#dot1x system-auth-control
(Netgear Switch) (Config)#interface 1/0/19
(Netgear Switch) (Interface 1/0/19)#routing
(Netgear Switch) (Interface 1/0/19)#ip address 10.100.5.33 255.255.255.0
(Netgear Switch) (Interface 1/0/19)#dot1x port-control force-authorized
2.
Use RADIUS to authenticate the dot1x users.
(Netgear Switch) (Config)#aaa authentication dot1x default radius
3.
Configure a RADIUS authentication server.
(Netgear Switch) (Config)#radius server host auth 10.100.5.17
4.
Configure the shared secret between the RADIUS client and the server.
Netgear Switch) (Config)#radius server key auth 10.100.5.17
Enter secret (16 characters max):123456
Re-enter secret:123456
5.
Set the RADIUS server as a primary server.
(Netgear Switch) (Config)#radius server msgauth 10.100.5.17
(Netgear Switch) (Config)# radius server primary 10.100.5.17