Eap termination, Mac authentication configuration examples, Local mac authentication configuration example – H3C Technologies H3C S12500-X Series Switches User Manual

85

62B

MAC authentication configuration examples

201B

Local MAC authentication configuration example

416B

Network requirements

As shown in

789H

Figure 32

, configure local MAC authentication on port Ten-GigabitEthernet 1/0/1 to

control Internet access, as follows:

•

Configure the device to detect whether a user has gone offline every 180 seconds, and if a user fails
authentication, deny the user for 180 seconds.

•

Configure all users to belong to the ISP domain aabbcc, and specify local authentication for users
in the domain.

•

Use the MAC address of each user as the username and password for authentication, and require
the MAC addresses be hyphenated and in lower case.

Figure 32 Network diagram

417B

Configuration procedure

# Add a network access local user, configure both the username and password as the host's MAC

address 00-e0-fc-12-34-56, and specify the LAN access service for the account.

system-view

[Device] local-user 00-e0-fc-12-34-56 class network

[Device-luser-network-00-e0-fc-12-34-56] password simple 00-e0-fc-12-34-56

[Device-luser-network-00-e0-fc-12-34-56] service-type lan-access

[Device-luser-network-00-e0-fc-12-34-56] quit

# Configure ISP domain aabbcc to perform local authentication for LAN users.

[Device] domain aabbcc

[Device-isp-aabbcc] authentication lan-access local

[Device-isp-aabbcc] quit

# Enable MAC authentication globally.

[Device] mac-authentication

# Enable MAC authentication on port Ten-GigabitEthernet 1/0/1.

[Device] interface ten-gigabitethernet 1/0/1

[Device-Ten-GigabitEthernet1/0/1] mac-authentication

[Device-Ten-GigabitEthernet1/0/1] quit

# Specify the MAC authentication domain as the ISP domain aabbcc.

[Device] mac-authentication domain aabbcc

# Configure MAC authentication timers.

[Device] mac-authentication timer offline-detect 180

[Device] mac-authentication timer quiet 180