1. Manuals
  2. Brands
  3. HPE Manuals
  4. Switch
  5. OfficeConnect 1950 Series
  6. User manual

Radius-Based Mac Authentication Configuration Example - HPE OfficeConnect 1950 Series User Manual

Hide thumbs Also See for OfficeConnect 1950 Series:
Table of Contents

Advertisement

a. From the navigation tree, select Security > Authentication > Local Users.
b. Add user account dotuser and set the password to 12345.
c. Set the service type to LAN access.
3.
Configure the ISP domain:
a. From the navigation tree, select Security > Authentication > ISP Domains.
b. Add ISP domain abc and set the state to Active.
c. Set the access service to LAN access.
d. Configure the ISP domain to use local method for authentication and authorization of LAN
users, and not perform accounting for LAN users.
4.
Configure 802.1X:
a. From the navigation tree, select Security > Access Control > 802.1X.
b. Enable 802.1X globally.
c. Enable 802.1X on GigabitEthernet 1/0/1, and set the access control method to port-based.
d. On the advanced settings page for GigabitEthernet 1/0/1, set the port authorization state to
Auto and set the mandatory ISP domain to abc.
Verifying the configuration
1.
From the navigation tree, select Security > Authentication > Local Users.
2.
Verify the configuration of local user dotuser. (Details not shown.)
3.
From the navigation tree, select Security > Authentication > ISP Domains.
4.
Verify the configuration of ISP domain abc. (Details not shown.)
5.
Use the user account dotuser and password 12345 to pass authentication.
6.
From the navigation tree, select Security > Access Control > 802.1X.
7.
Verify that the number of online users is not 0 on GigabitEthernet 1/0/1. (Details not shown.)

RADIUS-based MAC authentication configuration example

Network requirements
As shown in
GigabitEthernet 1/0/1.
Configure the switch to meet the following requirements:
Use the RADIUS server to perform authentication, authorization, and accounting for all users.
Authenticate all users in ISP domain macauth.
Use an account with username aaa and password qaz123wdc to identify all users.
Exclude domain names from the usernames sent to the RADIUS server.
Use name as the authentication and accounting shared keys for secure RADIUS
communication between the switch and the RADIUS server.
Use ports 1812 and 1813 for authentication and accounting, respectively.
Figure
43, the switch uses MAC authentication to control Internet access of users on
124
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for HPE OfficeConnect 1950 Series

Related Content for HPE OfficeConnect 1950 Series

Table of Contents