Access device configuration, Creating a radius scheme, Creating a domain – H3C Technologies H3C Intelligent Management Center User Manual
Page 64: Enabling mac address authentication, Vpn authentication and uam local authentication
46
Figure 36 Enabling transparent MAC authentication in the user self-service center
•
After a user passes anonymous MAC authentication, UAM automatically performs transparent
MAC authentication on the user when the user registers an account.
For more information about anonymous MAC authentication, see "
."
Access device configuration
For specific commands for each access device configuration item, see the access device configuration
guide or command reference.
To configure the access device:
1.
Create a RADIUS scheme.
2.
Create a domain.
3.
Enable MAC address authentication.
Creating a RADIUS scheme
An access device exchanges RADIUS packets with UAM according to the configured RADIUS scheme.
When you configure a RADIUS scheme, follow these guidelines:
•
The authentication server IP and the accounting server IP that you specified in the RADIUS scheme
must be the IP address of the UAM server.
•
The shared key and authentication/accounting port specified in the RADIUS scheme must be
consistent with those configured for the access device on UAM.
Creating a domain
When you configure a domain, follow these guidelines:
•
For MAC authentication, select LAN access as the endpoint user authentication function.
•
The RADIUS scheme used by the domain must be configured as explained in the previous topic.
Enabling MAC address authentication
1.
Enable MAC address authentication globally and on an interface.
2.
Specify the domain created in the previous step for MAC address authentication.
VPN authentication and UAM local authentication
To implement VPN authentication and UAM local authentication, you must configure UAM, VPN
gateway, and iNode client (PC).
shows the configuration items and the recommended
configuration procedure.