Configuration procedure – H3C Technologies H3C S7500E Series Switches User Manual

9-16

Figure 9-2 Network diagram for configuring the userLoginWithOUI mode

Configuration procedure

z

The following configuration steps cover some AAA/RADIUS configuration commands. For details

about the commands, see AAA Configuration Commands in the Security Command Reference.

z

Configurations on the host and RADIUS servers are omitted.

1) Configure the RADIUS protocol

# Configure a RADIUS scheme named radsun.

system-view

[Switch] radius scheme radsun

[Switch-radius-radsun] primary authentication 192.168.1.2

[Switch-radius-radsun] primary accounting 192.168.1.3

[Switch-radius-radsun] secondary authentication 192.168.1.3

[Switch-radius-radsun] secondary accounting 192.168.1.2

[Switch-radius-radsun] key authentication name

[Switch-radius-radsun] key accounting money

[Switch-radius-radsun] timer response-timeout 5

[Switch-radius-radsun] retry 5

[Switch-radius-radsun] timer realtime-accounting 15

[Switch-radius-radsun] user-name-format without-domain

[Switch-radius-radsun] quit

# Configure ISP domain sun to use RADIUS scheme radsun for authentication, authorization, and

accounting of all types of users. Specify that the ISP domain can contain up to 30 users.

[Switch] domain sun

[Switch-isp-sun] authentication default radius-scheme radsun

[Switch-isp-sun] authorization default radius-scheme radsun

[Switch-isp-sun] accounting default radius-scheme radsun

[Switch-isp-sun] access-limit enable 30

[Switch-isp-sun] quit

2) Configure

802.1X