Network requirements, Configuration procedure – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

61

[AC-isp-system] quit

•

To configure the default authentication and authorization methods for all types of users:

[AC] domain system

[AC-isp-system] authentication default local

[AC-isp-system] authorization default hwtacacs-scheme hwtac

2.

Verify the configuration

Telnet to the AC and enter the username telnet and password telnet. You pass authentication and log in

to the AC. Issuing the display connection command on the AC, you can see information about the user

connection.

RADIUS authentication, authorization, and accounting for

wireless users

Network requirements

As shown in

Figure 12

, there is a RADIUS server at 8.1.1.1/24, which uses the shared key ACkey to

authenticate AAA packets. Configure the AC to use the RADIUS server for authentication, authorization,
and accounting of wireless 802.1X users, send usernames that carry no domain name to the server, and

use the shared key ACkey to authenticate packets exchanged with the server.

Figure 12 Network diagram

Configuration procedure

1.

Configure the AC

# Assign IP addresses to the interfaces. (Details not shown.)
# Enable port security globally.

system-view

[AC] port-security enable

# Create a WLAN interface and configure the port security mode as userLoginSecureExt.

[AC] interface wlan-ess 1

[AC-WLAN-ESS1] port-security port-mode userlogin-secure-ext

# Enable the key negotiation function for the port.