Filter
Top Products
52 CHAPTER 9: PORT SECURITY CONFIGURATION GUIDE
On port Ethernet 1/0/1 of the switch, perform configurations to meet the
following requirements:
■ Allow one 802.1x user to get online.
■ Set two OUI values, and allow only one user whose MAC address matches one
of the two OUI values to get online.
■ Configure port security trapping to monitor the operations of the
802.1x-authenticated user.
Applicable Products
Configuration Procedure
n
■ The following configurations involve some AAA/RADIUS configuration
commands. For details about the commands, refer to “AAA Configuration” in
the Configuration Guide for your product.
■ Configurations on the user host and the RADIUS server are omitted.
■ Configure RADIUS parameters
# Create a RADIUS scheme named radius1.
<3Com> system-view
[3Com] radius scheme radius1
# Specify the primary RADIUS authentication server and primary RADIUS
accounting server.
[3Com-radius-radius1] primary authentication 192.168.1.3
[3Com-radius-radius1] primary accounting 192.168.1.2
# Specify the secondary RADIUS authentication server and secondary RADIUS
accounting server.
[3Com-radius-radius1] secondary authentication 192.168.1.2
[3Com-radius-radius1] secondary accounting 192.168.1.3
# Set the shared key for message exchange between the switch and the RADIUS
authentication servers to name.
[3Com-radius-radius1] key authentication name
# Set the shared key for message exchange between the switch and the
accounting RADIUS servers to money.
[3Com-radius-radius1] key accounting money
# Set the interval and the number of packet transmission attempts for the switch
to send packets to the RADIUS server.
Product series Software version Hardware version
Switch 5500 Release V03.02.04 All versions
Switch 5500G Release V03.02.04 All versions
Switch 4500 Release V03.03.00 All versions