beautypg.com

Configuring the userloginwithoui mode, Network requirements – H3C Technologies H3C S7500E Series Switches User Manual

Page 183

background image

9-15

In addition, you will see that the port security feature has disabled the port if you issue the following

command:

[Switch-GigabitEthernet2/0/1] display interface gigabitethernet 2/0/1

GigabitEthernet2/0/1 current state: Port Security Disabled

IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-cb00-5558

Description: GigabitEthernet2/0/1 Interface

......

The port should be re-enabled 30 seconds later.

[Switch-GigabitEthernet2/0/1] display interface gigabitethernet 2/0/1

GigabitEthernet2/0/1 current state: UP

IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-cb00-5558

Description: GigabitEthernet2/0/1 Interface

......

Now, if you manually delete several secure MAC addresses, the port security mode of the port will be

restored to autoLearn, and the port will be able to learn MAC addresses again.

Configuring the userLoginWithOUI Mode

Network requirements

As shown in

Figure 9-2

, a client is connected to the switch through port GigabitEthernet 2/0/1. The

switch authenticates the client with a RADIUS server. If the authentication succeeds, the client is

authorized to access the Internet.

z

The RADIUS server at 192.168.1.2 functions as the primary authentication server and the

secondary accounting server, and the RADIUS server at 192.168.1.3 functions as the secondary

authentication server and the primary accounting server. The shared key for authentication is

name, and that for accounting is money.

z

All users use the default authentication, authorization, and accounting methods of ISP domain

sun, which can accommodate up to 30 users.

z

The RADIUS server response timeout time is five seconds and the maximum number of RADIUS

packet retransmission attempts is five. The switch sends real-time accounting packets to the

RADIUS server at an interval of 15 minutes, and sends user names without domain names to the

RADIUS server.

Configure port GigabitEthernet 2/0/1 of the switch to:

z

Allow only one 802.1X user to be authenticated.

z

Allow up to 16 OUI values to be configured and allow one terminal that uses any of the OUI

values to access the port in addition to an 802.1X user.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: