beautypg.com

2 example, Xample – GE ML1600 User Manual

Page 118

background image

7–6

MULTILINK ML1600 ETHERNET COMMUNICATIONS SWITCH – INSTRUCTION MANUAL

CONFIGURING 802.1X THROUGH THE COMMAND LINE INTERFACE

CHAPTER 7: ACCESS USING RADIUS

7.2.2

Example

Example 7-1 demonstrates how to secure the network using port access. Ensure there is
no 802.1x or RADIUS server defined. Only one RADIUS server can be defined for the entire
network.

Example 7-1: Setting port control parameters

802.1X Authenticator Configuration

==================================

Status: Disabled

RADIUS Authentication Server

==================================

IP Address:

0.0.0.0

UDP Port:

1812

Shared Secret:

ML1600#

auth

ML1600(auth)##

setport port=2 status=enable control=forceauth initialize=assert

Successfully set port control parameter(s)

ML1600(auth)##

auth disable

802.1X Authenticator is disabled.

ML1600(auth)##

authserver ip=3.204.240.1 secret=secret

Successfully set RADIUS Authentication Server parameter(s)

ML1600(auth)##

auth enable

802.1X Authenticator is enabled.

ML1600(auth)##

show auth ports

Port

Status

Control

Initialize

Current State

======================================================

1

Enabled

Auto

Deasserted

Authorized

2

Enabled

ForcedAuth

Asserted

Unauthorized

3

Enabled

Auto

Deasserted

Authorized

4

Enabled

Auto

Deasserted

Unauthorized

5

Enabled

Auto

Deasserted

Unauthorized

6

Enabled

Auto

Deasserted

Unauthorized

7

Enabled

Auto

Deasserted

Unauthorized

8

Enabled

Auto

Deasserted

Unauthorized

9

Enabled

Auto

Deasserted

Unauthorized

10

Enabled

Auto

Deasserted

Unauthorized

11

Enabled

Auto

Deasserted

Unauthorized

12

Enabled

Auto

Deasserted

Unauthorized

13

Enabled

Auto

Deasserted

Unauthorized

14

Enabled

Auto

Deasserted

Unauthorized

15

Enabled

Auto

Deasserted

Unauthorized

16

Enabled

Auto

Deasserted

Unauthorized

-- Port not available

ML1600(auth)##

show auth config

802.1X Authenticator Configuration

==================================

Status: Enabled

RADIUS Authentication Server

==================================

IP Address:

3.204.240.1

UDP Port:

1812

Shared Secret:

secret

(continued on following page)

The RADIUS server is on port 2. This port is
authenticated manually. If the RADIUS server is
several hops away, it may be necessary to
authenticate the interconnection ports. Make sure
the

setport port=2 status=enable

control=forceauth initialize=assert

command

is executed before the

auth enable

command.

The

auth disable

command is not

necessary. However, it is shown for
completeness in case a RADIUS
server was defined with a previously
set authentication scheme.

The RADIUS server is
connected on port #2

See also other documents in the category GE Computer Accessories: