H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 12

vii

Configuring authentication methods for the ISP domain ················································································· 341

Configuring authorization methods for the ISP domain ·················································································· 343

Configuring accounting methods for the ISP domain ······················································································ 345

AAA configuration example ······································································································································· 346

RADIUS configuration ············································································································································· 351

RADIUS overview ························································································································································· 351

Configuring RADIUS ···················································································································································· 351

Recommended configuration procedure ··········································································································· 351

Configuring RADIUS servers ······························································································································ 352

Configuring RADIUS parameters ······················································································································· 353

RADIUS configuration example ·································································································································· 356

Configuration guidelines ············································································································································· 361

User configuration ··················································································································································· 363

User overview ······························································································································································· 363

Configuring users ························································································································································· 363

Configuring a local user ····································································································································· 363

Configuring a user group ··································································································································· 365

PKI configuration ····················································································································································· 367

PKI overview ································································································································································· 367

Configuring PKI ···························································································································································· 367

Recommended configuration procedure for manual request ·········································································· 368

Recommended configuration procedure for automatic request ······································································ 369

Creating a PKI entity ··········································································································································· 370

Creating a PKI domain ······································································································································· 371

Generating an RSA key pair ······························································································································ 374

Destroying the RSA key pair ······························································································································ 375

Retrieving a certificate ········································································································································ 375

Requesting a local certificate ····························································································································· 377

Retrieving and displaying a CRL ························································································································ 378

PKI configuration example ·········································································································································· 380

Port isolation group configuration ·························································································································· 385

Overview ······································································································································································· 385

Configuring an isolation group ·································································································································· 385

Recommended configuration procedure ··········································································································· 385

Adding port isolation groups ····························································································································· 385

Configuring member ports for a port isolation group ····················································································· 386

Port isolation configuration example·························································································································· 388

Authorized IP configuration ···································································································································· 391

Configuring authorized IP ··········································································································································· 391

Authorized IP configuration example ························································································································· 392

ACL and QoS ·························································································································································· 395

ACL overview ······················································································································································· 395

QoS overview ······················································································································································ 395

Configuring an ACL ····················································································································································· 396

Recommended ACL configuration procedures ································································································· 396

Configuring a time range ··································································································································· 397

Creating an IPv4 ACL ········································································································································· 398

Configuring a rule for a basic IPv4 ACL ··········································································································· 399