3Com S7906E Configuration Manual page 1963

All users use the default authentication, authorization, and accounting methods of ISP domain sun,
which can accommodate up to 30 users.
The RADIUS server response timeout time is five seconds and the maximum number of RADIUS
packet retransmission attempts is five. The switch sends real-time accounting packets to the
RADIUS server at an interval of 15 minutes, and sends user names without domain names to the
RADIUS server.
Restrict port GigabitEthernet 2/0/1 of the switch as follows:
Allow only one 802.1X user to be authenticated.
Allow up to 16 OUI values to be configured and allow one additional user whose MAC address has
an OUI among the configured ones to access the port.
Figure 1-2 Network diagram for configuring the userLoginWithOUI mode
Configuration procedure
The following configuration steps cover some AAA/RADIUS configuration commands. For details
about the commands, refer to AAA Configuration in the Security Volume.
Configurations on the host and RADIUS servers are omitted.
1) Configure the RADIUS protocol
# Configure a RADIUS scheme named radsun.
<Switch> system-view
[Switch] radius scheme radsun
[Switch-radius-radsun] primary authentication 192.168.1.2
[Switch-radius-radsun] primary accounting 192.168.1.3
[Switch-radius-radsun] secondary authentication 192.168.1.3
[Switch-radius-radsun] secondary accounting 192.168.1.2
[Switch-radius-radsun] key authentication name
[Switch-radius-radsun] key accounting money
[Switch-radius-radsun] timer response-timeout 5
[Switch-radius-radsun] retry 5
[Switch-radius-radsun] timer realtime-accounting 15
[Switch-radius-radsun] user-name-format without-domain
[Switch-radius-radsun] quit
1-14