Ii. network diagram, Iii. configuration procedure – H3C Technologies H3C S3100 Series Switches User Manual

Operation Manual – 802.1x

H3C S3100-52P Ethernet Switch

Chapter 1 802.1x Configuration

1-20

primary accounting server. The password for the switch and the authentication
RADIUS servers to exchange message is “name”. And the password for the
switch and the accounting RADIUS servers to exchange message is “money”. The
switch sends another packet to the RADIUS servers again if it sends a packet to
the RADIUS server and does not receive response for 5 seconds, with the
maximum number of retries of 5. And the switch sends a real-time accounting
packet to the RADIUS servers once in every 15 minutes. A user name is sent to
the RADIUS servers with the domain name truncated.

z

The user name and password for local 802.1x authentication are “localuser” and
“localpass” (in plain text) respectively. The idle disconnecting function is enabled.

II. Network diagram

Supplicant

Authentication s

(RADIUS Server

IP Address: 10.11.

10.

ervers

Cluster

1.1

11.1.2)

Internet

Authenticator

Switch

Supplicant

Authentication s

(RADIUS Server

IP Address: 10.11.

10.

ervers

Cluster

1.1

11.1.2)

Internet

Authenticator

Switch

Figure 1-11

Network diagram for AAA configuration with 802.1x and RADIUS enabled

III. Configuration procedure

Note:

Following configuration covers the major AAA/RADIUS configuration commands. Refer
to AAA,RADIUS,HWTACACS and EAD Operation Manual for the information about
these commands. Configuration on the client and the RADIUS servers is omitted.

# Enable 802.1x globally.

system-view

System View: return to User View with Ctrl+Z.

[H3C] dot1x

# Enable 802.1x for Ethernet1/0/1 port.

[H3C] dot1x interface Ethernet 1/0/1