Basic 802.1X Configuration; Prerequisites; Configuring Basic 802.1X Functions - H3C S7500 Series Operation Manual
Hide thumbs
Also See for S7500 Series:
- Installation manual (79 pages) ,
- Operation manual (47 pages) ,
- Command manual (39 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
H3C S7500 Series Ethernet Switches
You can also specify to adopt RADIUS authentication scheme, with a local
authentication scheme as an alternative. In this case, the local authentication
scheme is adopted when the RADIUS server fails.
Refer to AAA-RADIUS-HWTACACS-EAD Operation Manual for detailed information
about AAA configuration.
1.3 Basic 802.1x Configuration
To utilize 802.1x features, you need to perform basic 802.1x configuration.
1.3.1 Prerequisites
Configure ISP domain and its AAA scheme, specify the authentication scheme
( RADIUS or a local scheme) .
For local authentication scheme, configure the service type of local users as
lan-access.
1.3.2 Configuring Basic 802.1x Functions
Table 1-1 Configure basic 802.1x functions
To do...
Enter system view
Enable 802.1x
globally
Enable 802.1x for
the specified ports
Specify access
control mode for
the specified ports
Specify access
method for the
specified ports
Specify
authentication
method for 802.1x
users
Use the command...
system-view
dot1x
Use the following command in system
view:
dot1x [ interface interface-list ]
Use the following command in port
view:
dot1x
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
dot1x port-method { macbased |
portbased } [ interface interface-list ]
dot1x authentication-method
{ chap | pap | eap }
1-13
Chapter 1 802.1x Configuration
Remarks
—
Required
Disabled by default
Required
Disabled by default
Optional
auto mode by default
Optional
macbased method
by default
Optional
By default, a switch
performs CHAP
authentication in
EAP termination
mode.
Advertisement
Chapters
Table of Contents
Troubleshooting
