beautypg.com

Acl assignment configuration example, Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 156

background image

142

Authenticate success: 1, failed: 0

Max number of on-line users is 4096

Current online user number is 1

MAC Addr Authenticate State Auth Index

000e-35b2-8be9 MAC_AUTHENTICATOR_SUCCESS 1297

# Display the online user information.

display connection

Index=1297,Username=aaa@2000

MAC=00-0E-35-B2-8B-E9

IP=N/A

IPv6=N/A

Total 2 connection(s) matched.

ACL assignment configuration example

Network requirements

As shown in

Figure 66

, a WLAN client connects to the AC and the AC uses RADIUS servers to perform

authentication, authorization, and accounting.
Perform MAC authentication on port WLAN-ESS 0 to control Internet access. Make sure that an

authenticated user can access the Internet but the FTP server at 10.0.0.1.
Use MAC-based user accounts for MAC authentication users. The MAC addresses are hyphen separated

and in lower case.

Figure 66 Network diagram

Configuration procedure

NOTE:

Make sure that the RADIUS server and the AC can reach each other.

1.

Add a user account with 00-e0-fc-12-34-56 as both the username and password on the RADIUS
server, and specify ACL 3000 as the authorization ACL for the user account. (Details not shown.)

FTP server

Authentication servers
(RADIUS server cluster)

10.1.1.1
10.1.1.2

Internet

AC

192.168.1.10/24

AP

L2switch

Client

10.0.0.1