Auto Vlan Configuration Example - 3Com 4500 PWR 26-Port Configuration Manual

# Configure the domain name of the HWTACACS scheme to hwtac.
[Sysname] domain hwtacacs
[Sysname-isp-hwtacacs] scheme hwtacacs-scheme hwtac

Auto VLAN Configuration Example

Network requirements
As shown in Figure
authenticate users. After a user passes the authentication on a port, the RADIUS server issues a VLAN
list to the switch, which assigns the authentication port to a VLAN that the IP phone needs to access.
After that, the IP phone can access the network. The access control mode is port-based.
All users belong to ISP domain abc; the RADIUS scheme is bbb;
The RADIUS server is connected to Switch; the IP address of the RADIUS server is 1.1.1.1.
The shared key used when Switch and the RADIUS server exchange packets is hello.
Network diagram
Figure 33-5 Network diagram for Auto VLAN configuration
Configuration procedure
Configuration on the RADIUS server
The configuration may vary on different RADIUS servers. Configure VLAN lists on the RADIUS server
by referring to Configuring dynamic VLAN list
Configuration on 802.1x clients
The configuration may vary on different 802.1x clients. Configure 802.1x clients by referring to related
802.1x client configuration guides.
Configuration on the authentication switch
<Switch> system-view
# Configure the authentication scheme.
[Switch] radius scheme bbb
[Switch-radius-bbb] primary authentication 1.1.1.1
[Switch-radius-bbb] key authentication hello
[Switch-radius-bbb] primary accounting 1.1.1.1
[Switch-radius-bbb] key accounting hello
33-5, use 802.1X authentication on Ethernet 1/0/1 and Ethernet 1/0/2 to
assignment.
33-33