Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

240

AKM Method : 802.1X

4-Way Handshake State : PTKINITDONE

Group Key State : IDLE

Encryption Cipher : TKIP

Roam Status : Normal

Roam Count : 0

Up Time (hh:mm:ss) : 00:43:19

Configuring an 802.1X guest VLAN for a port security-enabled

port

Network requirements

As shown in

Figure 115

, an AP connects to an AC through a switch. The AC performs 802.1X

authentication for the wireless users, implements MAC-based access control on the ingress port, and

accepts concurrent 802.1X users.
Configure a guest VLAN on the ingress port of the AC, so any user that has failed authentication can

access VLAN 2.

Figure 115 Network diagram

Configuration procedure

NOTE:
•

This example covers only some of the required AAA and RADIUS configuration commands. For more
information, see "Configuring AAA."

•

The client-side and RADIUS server-side configuration procedures are not shown in this example.

•

For more information about WLAN configuration information, see

WLAN Command Reference.

1.

Perform RADIUS-related configurations. See steps in "

Configuring the userLoginWithOUI mode

."

2.

Configure the AC:
# Create VLAN 2.

system-view

[AC] vlan 2

[AC-vlan2] quit

# Enable port security.

[AC] port-security enable