802.1X With Acl Assignment Configuration Example - HP A5830 Series Configuration Manual
Security switch
Hide thumbs
Also See for A5830 Series:
- Command reference manual (249 pages) ,
- Configuration manual (246 pages) ,
- Configuration manual (152 pages)
Table of Contents
Advertisement
802.1X with ACL assignment configuration example
Network requirements
As shown in
network access device.
Perform 802.1X authentication on the port. Use the RADIUS server at 10.1.1.1 as the authentication and
authorization server and the RADIUS server at 10.1.1.2 as the accounting server. Assign an ACL to
GigabitEthernet 1/0/1 to deny the access of 802.1X users to the FTP server at 10.0.0.1/24 on
weekdays during business hours from 8:00 to 18:00.
Figure 35 Network diagram for ACL assignment
Configuration procedure
NOTE:
The following configuration procedure provides the major AAA and RADIUS configuration on the
access device. The configuration procedures on the 802.1X client and RADIUS server are beyond the
scope of this configuration example. For information about AAA and RADIUS configuration
commands, see
Configure 802.1X client. Make sure that the client is able to update its IP address after the access
1.
port is assigned to the 802.1X guest VLAN or a server-assigned VLAN. (Details not shown)
Configure the RADIUS servers, user accounts, and authorization ACL, ACL 3000 in this example.
2.
(Details not shown)
Configure the access device.
3.
# Assign IP addresses to interfaces. (Details not shown)
# Configure the RADIUS scheme.
<Device> system-view
[Device] radius scheme 2000
[Device-radius-2000] primary authentication 10.1.1.1 1812
[Device-radius-2000] primary accounting 10.1.1.2 1813
[Device-radius-2000] key authentication abc
[Device-radius-2000] key accounting abc
[Device-radius-2000] user-name-format without-domain
[Device-radius-2000] quit
Figure
35, the host at 192.168.1.10 connects to port GigabitEthernet 1/0/1 of the
Security Command Reference
.
89
Advertisement
Table of Contents
Troubleshooting
