H3C Technologies H3C S7500E Series Switches User Manual
H3C Technologies Routers
This manual is related to the following products:
Table of contents
Document Outline
- Title Page
- Preface
- Table of Contents
- 1 AAA Overview
- 2 AAA Configuration
- AAA Configuration Considerations and Task List
- Configuring AAA Schemes
- Configuring Local Users
- Configuring RADIUS Schemes
- RADIUS scheme configuration task list
- Creating a RADIUS scheme
- Specifying the RADIUS authentication/authorization servers
- Specifying the RADIUS accounting servers and relevant parameters
- Setting the shared keys for RADIUS packets
- Setting the maximum number of RADIUS request transmission attempts
- Setting the supported RADIUS server type
- Setting the status of RADIUS servers
- Configuring attributes for data to be sent to the RADIUS servers
- Specifying the source IP address for RADIUS packets to be sent
- Setting timers for controlling communication with RADIUS servers
- Specifying a security policy server
- Configuring interpretation of RADIUS class attribute as CAR parameters
- Enabling the RADIUS trap function
- Enabling the listening port of the RADIUS client
- Displaying and maintaining RADIUS
- Configuring HWTACACS Schemes
- HWTACACS configuration task list
- Creating an HWTACACS scheme
- Specifying the HWTACACS authentication servers
- Specifying the HWTACACS authorization servers
- Specifying the HWTACACS accounting servers
- Setting the shared keys for HWTACACS packets
- Configuring attributes for data to be sent to the HWTACACS servers
- Specifying the source IP address for HWTACACS packets to be sent
- Setting timers for controlling communication with HWTACACS servers
- Displaying and maintaining HWTACACS
- Configuring AAA Methods for ISP Domains
- Tearing Down User Connections Forcibly
- Configuring a NAS ID-VLAN Binding
- Displaying and Maintaining AAA
- 3 AAA Configuration Examples
- AAA Configuration Examples
- 4 Troubleshooting AAA
- 5 802.1X Configuration
- 802.1X Overview
- 802.1X Configuration
- Configuration Prerequisites
- 802.1X Configuration Task List
- Enabling 802.1X on a Port
- Specifying the Authentication Method of 802.1X Users
- Specifying the Port Authorization Mode
- Specifying the Access Control Method
- Configuring the Maximum Number of Users Accessible to a Port
- Setting the Maximum Number of Attempts for Sending an Authentication Request
- Setting 802.1X Timers
- Configuring the Online User Handshake Function
- Enabling the Proxy Detection Function
- Enabling the Multicast Trigger Function
- Enabling the Unicast Trigger Function
- Specifying a Mandatory Authentication Domain for a Port
- Enabling the Quiet Timer
- Enabling the Re-Authentication Function
- Configuring a Guest VLAN
- Configuring an Auth-Fail VLAN
- Displaying and Maintaining 802.1X
- 802.1X Configuration Examples
- 6 802.1X-Based EAD Fast Deployment Configuration
- 7 MAC Authentication Configuration
- MAC Authentication Overview
- MAC Authentication Timers
- Features Used Together with MAC Authentication
- MAC Authentication Configuration Task List
- Basic Configuration for MAC Authentication
- Specifying a Domain for MAC Authentication Users
- Displaying and Maintaining MAC Authentication
- MAC Authentication Configuration Examples
- 8 Portal Configuration
- Portal Overview
- Portal Configuration Task List
- Basic Portal Configuration
- Configuring a Portal-Free Rule
- Configuring an Authentication Subnet
- Specifying the Source IP Address for Portal Packets to Be Sent
- Logging out Users
- Specifying the Authentication Domain for Portal Users
- Specifying a NAS ID Profile for an Interface
- Setting the Maximum Number of Online Portal Users
- Displaying and Maintaining Portal
- Portal Configuration Examples
- Configuring Direct Portal Authentication
- Configuring Re-DHCP Portal Authentication
- Configuring Layer 3 Portal Authentication
- Configuring Direct Portal Authentication with Extended Functions
- Configuring Re-DHCP Portal Authentication with Extended Functions
- Configuring Layer 3 Portal Authentication with Extended Functions
- Troubleshooting Portal
- 9 Port Security Configuration
- Introduction to Port Security
- Port Security Configuration Task List
- Enabling Port Security
- Setting the Maximum Number of Secure MAC Addresses
- Setting the Port Security Mode
- Configuring Port Security Features
- Configuring Secure MAC Addresses
- Ignoring Authorization Information from the Server
- Displaying and Maintaining Port Security
- Port Security Configuration Examples
- Troubleshooting Port Security
- 10 User Profile Configuration
- 11 Public Key Configuration
- SSH2.0 Configuration
- SSH2.0 Overview
- Configuring the Device as an SSH Server
- Configuring the Device as an SSH Client
- Displaying and Maintaining SSH
- SSH Server Configuration Examples
- SSH Client Configuration Examples
- 12 SFTP Configuration
- 13 IP Source Guard Configuration
- IP Source Guard Overview
- Configuring a Static IP Source Guard Entry
- Configuring the Dynamic IP Source Guard Binding Function
- Displaying and Maintaining IP Source Guard
- IP Source Guard Configuration Examples
- Troubleshooting IP Source Guard
- 14 ARP Attack Protection Configuration
- ARP Attack Protection Overview
- ARP Attack Protection Configuration Task List
- Configuring ARP Defense Against IP Packet Attacks
- Configuring ARP Active Acknowledgement
- Configuring Source MAC Address Based ARP Attack Detection
- Configuring ARP Packet Rate Limit
- Configuring ARP Detection
- Introduction
- Configuring ARP Detection Based on Specified Objects
- Enabling ARP Detection Based on Static IP Source Guard Binding Entries/DHCP Snooping Entries/802.1X Security Entries/OUI MAC Addresses
- Displaying and Maintaining ARP Detection
- ARP Detection Configuration Example I
- ARP Detection Configuration Example II
- 15 URPF Configuration
- 16 Index