Table of Contents
Advertisement
H3C Low-End Ethernet Switches Configuration Examples
ARP Attack Prevention
# Set the RADIUS authentication key to expert.
[SwitchA-radius-cams] key authentication expert
# Specify usernames sent to the RADIUS server to exclude the domain name.
[SwitchA-radius-cams] user-name-format without-domain
# Specify the service type as extended.
[SwitchA-radius-cams] server-type extended
[SwitchA-radius-cams] quit
# Create ISP domain host and reference RADIUS scheme cams.
[SwitchA] domain host
[SwitchA-isp-host] radius-scheme cams
[SwitchA-isp-host] quit
# Set ISP domain host as the default ISP domain.
[SwitchA] domain default enable host
# Enable 802.1x globally.
[SwitchA] dot1x
# Enable 802.1x on Ethernet 1/0/2.
[SwitchA] interface Ethernet1/0/2
[SwitchA-Ethernet1/0/2] dot1x
[SwitchA-Ethernet1/0/2] quit
# Enable 802.1x on Ethernet 1/0/3.
[SwitchA] interface Ethernet1/0/3
[SwitchA-Ethernet1/0/3] dot1x
[SwitchA-Ethernet1/0/3] quit
# Configure a default route to Gateway.
[SwitchA] ip route-static 0.0.0.0 0 192.168.0.1
II. Configure Switch B
# Create VLAN 20, and add Ethernet 1/0/1 through Ethernet 1/0/4 into VLAN 20.
<SwitchB> system-view
[SwitchB] vlan 20
[SwitchB-vlan20] port Ethernet 1/0/1 to Ethernet 1/0/4
[SwitchB-vlan20] quit
# Configure RADIUS scheme cams and specify a primary authentication server.
[SwitchB] radius scheme cams
[SwitchB-radius-cams] primary authentication 10.10.1.1
[SwitchB-radius-cams] accounting optional
# Set the RADIUS authentication key to expert.
Chapter 2 Configuration Examples
2-9
Advertisement
Chapters
Table of Contents
