Configuring The Userloginwithoui Mode - HP A5830 Series Configuration Manual

Configuring the userLoginWithOUI mode

Network requirements
As shown in
device authenticates the client with a RADIUS server. If the authentication succeeds, the client is
authorized to access the Internet.
The RADIUS server at 192.168.1.2 functions as the primary authentication server and the
•
secondary accounting server, and the RADIUS server at 192.168.1.3 functions as the secondary
authentication server and the primary accounting server. The shared key for authentication is name,
and that for accounting is money.
All users use the default authentication, authorization, and accounting methods of ISP domain sun,
•
which can accommodate up to 30 users.
The RADIUS server response timeout time is 5 seconds, and the maximum number of RADIUS
•
packet retransmission attempts is five. The device sends real-time accounting packets to the RADIUS
server at an interval of 15 minutes, and it sends usernames without domain names to the RADIUS
server.
Configure port GigabitEthernet 1/0/1 of the device to do the following:
Allow only one 802.1X user to be authenticated.
•
Allow up to 16 OUI values to be configured, and allow one terminal that uses any of the OUI
•
values to access the port in addition to an 802.1X user.
Figure 41 Network diagram for configuring the userLoginWithOUI mode
Configuration procedure
NOTE:
The following configuration steps cover some AAA/RADIUS configuration commands. For more
•
information about the commands, see "
Configurations on the host and RADIUS servers are not shown.
•
Configure the RADIUS protocol.
1.
# Configure a RADIUS scheme named radsun.
<Device> system-view
[Device] radius scheme radsun
[Device-radius-radsun] primary authentication 192.168.1.2
[Device-radius-radsun] primary accounting 192.168.1.3
[Device-radius-radsun] secondary authentication 192.168.1.3
Figure 41, a client is connected to the device through port GigabitEthernet 1/0/1. The
C onfiguring AAA."
3
119