Network diagram, Configuration procedure – H3C Technologies H3C S3600 Series Switches User Manual

1-17

Network diagram

Figure 1-6 Network diagram for configuring port security mode macAddressWithRadius

Configuration procedure

z

The following configurations involve some AAA/RADIUS configuration commands. For details

about the commands, refer to AAA Operation.

z

Configurations on the user host and the RADIUS server are omitted.

z

Configure RADIUS parameters

# Create a RADIUS scheme named radius1.

system-view

[Switch] radius scheme radius1

# Specify the primary RADIUS authentication server and primary RADIUS accounting server.

[Switch-radius-radius1] primary authentication 192.168.1.3

[Switch-radius-radius1] primary accounting 192.168.1.2

# Specify the secondary RADIUS authentication server and secondary RADIUS accounting server.

[Switch-radius-radius1] secondary authentication 192.168.1.2

[Switch-radius-radius1] secondary accounting 192.168.1.3

# Set the shared key for message exchange between the switch and the RADIUS authentication

servers to name.

[Switch-radius-radius1] key authentication name

# Set the shared key for message exchange between the switch and the accounting RADIUS servers to

name.

[Switch-radius-radius1] key accounting name

# Configure the switch to send a username without the domain name to the RADIUS server.

[Switch-radius-radius1] user-name-format without-domain

[Switch-radius-radius1] quit

# Create a domain named aabbcc.net and enter its view.

[Switch] domain aabbcc.net

# Specify the RADIUS scheme for the domain.