Triple authentication configuration task list
Complete the following tasks to configure triple authentication:
Task
Configure 802.1X
authentication
Configure MAC
authentication
Configure portal
authentication
Triple authentication configuration examples
Triple authentication basic function configuration example
Network requirements
As shown in
configure triple authentication on the Layer-2 interface of the switch that connects to the terminals, so that
a terminal passing one of the three authentication methods, 802.1X authentication, portal authentication,
and MAC authentication, can access the IP network. More specifically,
Configure static IP addresses in network 192.168.1.0/24 for the terminals.
•
Use the remote RADIUS server to perform authentication, authorization, and accounting and
•
configure the switch to send usernames carrying no ISP domain names to the RADIUS server.
•
The local portal authentication server on the switch uses listening IP address 4.4.4.4. The switch
sends a default authentication page to the web user and forwards authentication data using HTTP.
Figure 67 Network diagram for triple authentication basic configuration
Configuration procedure
Remarks
Required
Configure at least
one type of
authentication
Figure
72, the terminals are connected to a switch to access the IP network. It is required to
MAC-based access control
(macbased) is required.
—
Only Layer-2 portal
authentication is supported.
163
Reference
802.1X configuration in
the Security Configuration
Guide.
MAC authentication
configuration in the
Security Configuration
Guide.
Portal configuration in the
Security Configuration
Guide.