H3C LS-3100-52P-OVS-H3 Operation Manual page 1385

MAC authentication is required on every port to control user access to the Internet.
Set the offline detect timer to 180 seconds and the quiet timer to 3 minutes.
All users belong to ISP domain 2000.
The username type of fixed username is used for authentication, with the username being aaa and
password being 123456.
Figure 1-2 Network diagram for MAC authentication using RADIUS
Configuration procedure
It is required that the RADIUS server and the device are reachable to each other and the username and
password are configured on the server.
1) Configure MAC authentication on the device
# Configure a RADIUS scheme.
<Device> system-view
[Device] radius scheme 2000
[Device-radius-2000] primary authentication 10.1.1.1 1812
[Device-radius-2000] primary accounting 10.1.1.2 1813
[Device-radius-2000] key authentication abc
[Device-radius-2000] key accounting abc
[Device-radius-2000] user-name-format without-domain
[Device-radius-2000] quit
# Specify the AAA schemes for the ISP domain.
[Device] domain 2000
[Device-isp-2000] authentication default radius-scheme 2000
[Device-isp-2000] authorization default radius-scheme 2000
[Device-isp-2000] accounting default radius-scheme 2000
[Device-isp-2000] quit
# Enable MAC authentication globally.
[Device] mac-authentication
# Enable MAC authentication for port GigabitEthernet 1/0/1.
1-6