Configuration Example - H3C S7500 Series Operation Manual
Hide thumbs
Also See for S7500 Series:
- Installation manual (79 pages) ,
- Operation manual (47 pages) ,
- Command manual (39 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
H3C S7500 Series Ethernet Switches
Table 1-7 Display and debug 802.1x
Display the configuration,
health, and statistics about
802.1x
Clear 802.1x-related statistics
information
1.7 Configuration Example
1.7.1 802.1x Configuration Example
I. Network requirements
Supplicant systems are authenticated on all ports to control their accesses to the
Internet. The switch operates in MAC address-based access control mode.
All supplicant systems that pass the authentication belong to the default domain
named aabbcc.net. The domain can accommodate up to 30 users. For
authentication, a supplicant system is authenticated locally if the RADIUS server
fails. For accounting, a supplicant system is disconnected if the RADIUS server
fails. The name of an authenticated supplicant system is not suffixed with the
domain name. The switch will tear down the connection to the supplicant system if
the traffic is less than 2,000 bytes within 20 minutes.
The switch is connected to the server group composed of two RADIUS servers
whose IP addresses are 10.11.1.1 and 10.11.1.2 respectively. The RADIUS
server with an IP address of 10.11.1.1 operates as the primary authentication
server and the secondary accounting server. The other operates as the secondary
authentication server and the primary accounting server. The password for the
switch and the authentication RADIUS servers to exchange message is name.
And the password for the switch and the accounting RADIUS servers to exchange
message is money. When the switch sends a packet to the RADIUS server but
does not receive any response in 5 seconds, it will send the packet to the RADIUS
servers again for a maximum number of 5 retries. And the switch sends a real-time
accounting packet to the RADIUS servers once in every 15 minutes. A user name
is sent to the RADIUS servers with the domain name truncated.
The user name and password for local 802.1x authentication are localuser and
localpass (in plain text) respectively. The idle disconnecting function is enabled.
To do...
Use the command...
display dot1x [ sessions |
statistics ] [ interface
interface-list ]
reset dot1x statistics [ interface
interface-list ]
1-19
Chapter 1 802.1x Configuration
Remarks
In any view
In user view
Advertisement
Chapters
Table of Contents
Troubleshooting
