Huawei Quidway S9300 Configuration Manual page 110
Terabit routing switch
Hide thumbs
Also See for Quidway S9300:
- Configuration manual - network management (630 pages) ,
- Configuration manual (603 pages) ,
- Configuration manual - multicast (262 pages)
Table of Contents
Advertisement
2 NAC Configuration
# Enable MAC address authentication globally and on GE 1/0/0.
[Quidway] mac-authen
[Quidway] interface gigabitethernet1/0/0
[Quidway-GigabitEthernet1/0/0] mac-authen
# Set the maximum number of access users on GE 1/0/0.
[Quidway-GigabitEthernet1/0/0] mac-authen max-user 100
[Quidway-GigabitEthernet1/0/0] quit
# Specify domain isp1 as the domain of the users that use MAC address authentication.
[Quidway] mac-authen domain isp1
Step 5 Verify the configuration.
Run the display mac-authen interface command on the S9300, and you can view the
configuration of MAC address authentication.
<Quidway> display mac-authen interface GigabitEthernet 1/0/0
MAC address authentication is Enabled
Max online user is 100
Current online user is 2
Guest VLAN is disabled
Authentication Success: 2, Failure: 1
Controlled User(s) amount to 2 , print number:2
----End
Configuration Files
#
sysname Quidway
#
mac-authen
mac-authen domain isp
#
radius-server template rd1
radius-server shared-key cipher 3MQ*TZ,O3KCQ=^Q`MAF4<1!!
radius-server authentication 192.168.2.30 1812
radius-server retransmit 2
#
aaa
authentication-scheme web1
authentication-mode radius
domain isp1
authentication-scheme web1
radius-server rd1
#
interface GigabitEthernet1/0/0
mac-authen
mac-authen max-user 100
#
return
2-40
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Quidway S9300 Terabit Routing Switch
Configuration Guide - Security
Issue 06 (2010–01–08)
Advertisement
Chapters
Table of Contents
