H3C Technologies H3C S6300 Series Switches User Manual

Page 8

EAP termination ····················································································································································· 68

Configuring 802.1X ·················································································································································· 70

H3C implementation of 802.1X ··································································································································· 70

Configuration prerequisites ··········································································································································· 70

802.1X configuration task list ······································································································································· 70

Enabling 802.1X ···························································································································································· 71

Enabling EAP relay or EAP termination ······················································································································· 71

Setting the port authorization state ······························································································································ 72

Specifying an access control method ·························································································································· 72

Setting the maximum number of concurrent 802.1X users on a port ······································································· 72

Setting the maximum number of authentication request attempts ············································································· 73

Setting the 802.1X authentication timeout timers ······································································································· 73

Configuring the online user handshake function ········································································································ 74

Configuring the authentication trigger function ·········································································································· 74

Configuration guidelines ······································································································································ 75

Configuration procedure ······································································································································ 75

Specifying a mandatory authentication domain on a port ························································································ 75

Configuring the quiet timer ··········································································································································· 76

Enabling the periodic online user re-authentication function ····················································································· 76

Displaying and maintaining 802.1X ··························································································································· 76

802.1X authentication configuration example ··········································································································· 77

Network requirements ··········································································································································· 77

Verifying the configuration ··································································································································· 79

Configuring MAC authentication ······························································································································ 80

Overview ········································································································································································· 80

User account policies ············································································································································ 80

Authentication methods········································································································································· 80

Configuration task list ···················································································································································· 81

Enabling MAC authentication ······································································································································ 81

Specifying a MAC authentication domain ·················································································································· 82

Configuring the user account format ···························································································································· 82

Configuring MAC authentication timers ······················································································································ 83

Setting the maximum number of concurrent MAC authentication users on a port ·················································· 83

Configuring MAC authentication delay ······················································································································· 84

Displaying and maintaining MAC authentication ······································································································ 84

MAC authentication configuration examples ·············································································································· 85

Local MAC authentication configuration example····························································································· 85

RADIUS-based MAC authentication configuration example············································································· 86

Configuring portal authentication ····························································································································· 89

Extended portal functions ····································································································································· 89

Portal system components ····································································································································· 90

Interaction between portal system components ·································································································· 91

Portal authentication modes ································································································································· 91

Portal authentication process ······························································································································· 92

Portal configuration task list ·········································································································································· 94

Configuring a portal authentication server·················································································································· 95

Configuring a portal Web server ································································································································· 96

Enabling portal authentication on an interface ··········································································································· 96

Configuration restrictions and guidelines ··········································································································· 96

This manual is related to the following products:

H3C S5820V2 Series Switches H3C S5830 Series Switches H3C S5830V2 Series Switches H3C S3600V2 Series Switches