beautypg.com

H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 253

background image

237

Figure 225 userlogin-secure/userlogin-secure-ext port security configuration page (userlogin-secure is

taken for example)

Table 93 Configuration items

Item Description

Port Mode

userlogin-secure—Perform MAC-based 802.1X authentication for access users.
In this mode, multiple 802.1X authenticated users can access the port, but only

one user can be online.

userlogin-secure-ext—Perform MAC-based 802.1X authentication for access

users. In this mode, the port supports multiple 802.1X users.

Max User

Control the maximum number of users allowed to access the network through the
port.

Mandatory Domain

Select an existing domain from the list.
The default domain is system. To create a domain, select Authentication > AAA from
the navigation tree, click the Domain Setup tab, and enter a new domain name in

the Domain Name field.

The selected domain name applies to only the current wireless service, and all

clients accessing the wireless service use this domain for authentication,

authorization, and accounting.

Do not delete a domain name in use. Otherwise, the clients that access the

wireless service will be logged out.

Authentication Method

EAP—Use the Extensible Authentication Protocol (EAP). With EAP authentication,

the authenticator encapsulates 802.1X user information in the EAP attributes of

RADIUS packets and sends the packets to the RADIUS server for authentication;
it does not need to repackage the EAP packets into standard RADIUS packets for

authentication.

CHAP—Use the Challenge Handshake Authentication Protocol (CHAP). By

default, CHAP is used. CHAP transmits usernames in simple text and passwords

in cipher text over the network. Therefore this method is safer.

PAP—Use the Password Authentication Protocol (PAP). PAP transmits passwords

in plain text.

Handshake

Enable—Enable the online user handshake function so that the device can

periodically send handshake messages to a user to check whether the user is

online. By default, the function is enabled.

Disable—Disable the online user handshake function.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: