Filter
Top Products
50 CHAPTER 9: PORT SECURITY CONFIGURATION GUIDE
# Specify the secondary RADIUS authentication server and secondary RADIUS
accounting server.
[3Com-radius-radius1] secondary authentication 192.168.1.2
[3Com-radius-radius1] secondary accounting 192.168.1.3
# Set the shared key for message exchange between the switch and the RADIUS
authentication servers to name.
[3Com-radius-radius1] key authentication name
# Set the shared key for message exchange between the switch and the
accounting RADIUS servers to money.
[3Com-radius-radius1] key accounting money
# Configure the switch to send a username without the domain name to the
RADIUS server.
[3Com-radius-radius1] user-name-format without-domain
[3Com-radius-radius1] quit
# Create a domain named aabbcc.net and enter its view.
[3Com] domain aabbcc.net
# Specify the RADIUS scheme for the domain.
[3Com-isp-aabbcc.net] scheme radius-scheme radius1
[3Com-isp-aabbcc.net] quit
# Set aabbcc.net as the default user domain.
[3Com] domain default enable aabbcc.net
# Configure the switch to use MAC addresses as usernames for authentication,
specifying that the MAC addresses should be lowercase without separators.
[3Com] mac-authentication authmode usernameasmacaddress usernameform
at without-hyphen
# Specify the ISP domain for MAC authentication.
[3Com] mac-authentication domain aabbcc.net
# Enable port security.
[3Com] port-security enable
# Set the port security mode to mac-authentication.
[3Com] interface Ethernet 1/0/1
[3Com-Ethernet1/0/1] port-security port-mode mac-authentication
# Configure the port to drop packets whose source addresses are the same as that
of the packet failing MAC authentication after intrusion protection is triggered.