Accton Technology ES4710BD User Manual

521

E

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

time, the switch resends the request packet or sets the server as invalid according to
the current conditions.

Example: Setting the RADIUS authentication timeout timer value to 30 seconds.

Switch(Config)# radius-server timeout 30

20.3 802.1x Application Example

1 0 . 1 . 1 . 1

1 0 . 1 . 1 . 2

Ra d i u s Se r v e r

1 0 . 1 . 1 . 3

Fig 20-2 IEEE 802.1x Configuration Example Topology

The PC is connecting to port 1/2 of the switch; IEEE 802.1x authentication is enabled on port 1/2;

the access mode is the default MAC-based authentication. The switch IP address is 10.1.1.2. Any

port other than port 1/2 is used to connect to RADIUS authentication server, which has an IP address

of 10.1.1.3, and use the default port 1812 for authentication and port 1813 for accounting. IEEE

802.1x authentication client software is installed on the PC and is used in IEEE 802.1x

authentication.

The configuration procedures are listed below:

Switch(Config)#interface vlan 1

Switch(Config-if-vlan1)#ip address 10.1.1.2 255.255.255.0

Switch(Config-if-vlan1)#exit

Switch(Config)#radius-server authentication host 10.1.1.3

Switch(Config)#radius-server accounting host 10.1.1.3

Switch(Config)#radius-server key test

Switch(Config)#aaa enable

Switch(Config)#aaa-accounting enable

Switch(Config)#dot1x enable

Switch(Config)#interface ethernet 1/2

Switch(Config-Ethernet1/2)#dot1x enable

Switch(Config-Ethernet1/2)#dot1x port-control auto