3com S7906E 安装指导

 

1-22 

z 

Set the shared key for the device to exchange packets with the authentication server as name, and 

that for the device to exchange packets with the accounting server as money. 

z 

Specify the device to try up to five times at an interval of 5 seconds in transmitting a packet to the 

RADIUS server until it receives a response from the server, and to send real time accounting 

packets to the accounting server every 15 minutes. 

z 

Specify the device to remove the domain name from the username before passing the username to 

the RADIUS server. 

z 

Set the username of the 802.1X user as localuser and the password as localpass and specify to 

use clear text mode. Enable the idle cut function to get the user offline whenever the user remains 

idle for over 20 minutes. 

Figure 1-10 Network diagram for 802.1X configuration 

 

 

 

 

The following configuration procedure covers most AAA/RADIUS configuration commands for the 

device, while configuration on the 802.1X client and RADIUS server are omitted. For information about 

AAA/RADIUS configuration commands, refer to AAA Configuration in the Security Volume. 

 

# Configure the IP addresses for each interface. (Omitted) 

# Add local access user localuser, enable the idle cut function, and set the idle cut interval. 

<Device> system-view 

[Device] local-user localuser 

[Device-luser-localuser] service-type lan-access 

[Device-luser-localuser] password simple localpass 

[Device-luser-localuser] attribute idle-cut 20 

[Device-luser-localuser] quit 

# Create RADIUS scheme radius1 and enter its view. 

[Device] radius scheme radius1 

# Configure the IP addresses of the primary authentication and accounting RADIUS servers. 

[Device-radius-radius1] primary authentication 10.1.1.1