Configuring Dot1X; Configuring Aaa - Zte ZXR10 8900 Series User Manual

10 gigabit routing switch

Hide thumbs Also See for ZXR10 8900 Series:

Command manual (177 pages)

User manual (160 pages)

Command reference manual (147 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

page of 186

/ 186
Contents
Table of Contents
Bookmarks

Table of Contents

ZXR10 8900 Series User Manual (Basic Configuration Volume)

Authentication

Server System

Step Command

ZXR10(config)#

ZXR10(config-nas)#

<port-name>][vlan <vlan-id>]

ZXR10(config-nas)#

{dot1x|dot1x-relay}{enable|disable}

ZXR10(config-nas)#

{auto|locl|radius}

ZXR10(config-nas)#

{pap|chap|eap}

ZXR10(config-nas)#

[period <period-value>]|disable}

ZXR10(config-nas)#

{enable|disable}

ZXR10(config-nas)#

{enable [max-hosts <host-number>]|disable}

ZXR10(config-nas)#

<isp-name>

ZXR10(config-nas)#

{enable|disable}

ZXR10(config-nas)#

<group-name>

114

Confidential and Proprietary Information of ZTE CORPORATION

thentication channel for each user and other users cannot use the

logical channel after the port is enabled.

Authentication server is usually a

server user-related information is stored such as the VLAN where

the user locates, CAR parameter, priority and access control list

of the user. Once the user passes authentication, the authentica-

tion server delivers user-related information to the authentication

system which creates a dynamic access control list. The above

parameters are used to measure subsequent traffic of the user.

Authentication server and RADIUS server communicate with each

other through the RADIUS protocol.

Configuring DOT1x

Configuring AAA

To configure AAA, perform the following steps.

nas

create aaa <rule-id>[port

aaa <rule-id> control

aaa <rule-id> authentication

aaa <rule-id> protocol

aaa <rule-id> keepalive {enable

aaa <rule-id> accounting

aaa <rule-id> multiple-hosts

aaa <rule-id> default-isp

aaa <rule-id> fullaccount

aaa <rule-id> groupname

RADIUS

server. In authentication

Function

This enters nas configuration

mode

This creates AAA control entry

This enables/disables dot1x

authentication or relay

This selects an authentication

mode

This selects an authentication

protocol

This configures keepalive

interval

This configures to charge or

not

This configures whether

multiple users are allowed or

not and configures user quota

This configures the default

ISP server name

This configures whether to

contain ISP domain name in

user name

This configures a group name

Table of Contents

Show Quick Links

Quick Links:
Configuring Telnet Connection

Hide quick links:

Table of Contents

Configuring Dot1X; Configuring Aaa - Zte ZXR10 8900 Series User Manual

Configuring DOT1x

Configuring AAA

Hide quick links:

Related Manuals for Zte ZXR10 8900 Series

Related Content for Zte ZXR10 8900 Series

Table of Contents