H3C Technologies H3C S7500E Series Switches User Manual

8-18

Figure 8-9 Port group configuration

# Select Service Parameters > Validate System Configuration from the navigation tree to

make the above configurations take effect.

2) Configure

the

switch:

z

Configure a RADIUS scheme

# Create a RADIUS scheme named rs1 and enter its view.

system-view

[Switch] radius scheme rs1

# Set the server type for the RADIUS scheme. When using the iMC server, you need set the

server type to extended.

[Switch-radius-rs1] server-type extended

# Specify the primary authentication server and primary accounting server, and configure the

keys for communication with the servers.

[Switch-radius-rs1] primary authentication 192.168.0.112

[Switch-radius-rs1] primary accounting 192.168.0.112

[Switch-radius-rs1] key authentication radius

[Switch-radius-rs1] key accounting radius

# Specify that the ISP domain name should not be included in the username sent to the

RADIUS server.

[Switch-radius-rs1] user-name-format without-domain

[Switch-radius-rs1] quit

z

Configure an authentication domain

# Create an ISP domain named dm1 and enter its view.

[Switch] domain dm1

# Configure the ISP domain to use RADIUS scheme rs1.

[Switch-isp-dm1] authentication portal radius-scheme rs1

[Switch-isp-dm1] authorization portal radius-scheme rs1

[Switch-isp-dm1] accounting portal radius-scheme rs1

[Switch-isp-dm1] quit

# Configure dm1 as the default ISP domain for all users. Then, if a user enters a username

without any ISP domain at logon, the authentication and accounting methods of the default

domain will be used for the user.