Filter
Top Products
3Com Switch 8800 Configuration Guide Chapter 39 802.1x Configuration
39-13
II. Network diagram
Supplicant
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Authenticator
Switch
Supplicant
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Switch
Authentication Servers
(RADIUS Server Cluster
IP Address: 10.11.1.1
10.11.1.2)
Internet
Switch
Ethernet3/1/1
Figure 39-2 Enable 802.1x and RADIUS to perform AAA on the supplicant
III. Configuration procedure
Note:
The following examples concern most of the AAA/RADIUS configuration commands.
For details, refer to the chapter
AAA and RADIUS/TACACS+ Protocol Configuration.
The configurations of access user workstation is omitted.
RADIUS server configuration is carried out in terms of RADIUS schemes. A RADIUS
scheme actually can either be a stand-alone RADIUS server or two mutually backed up
RADIUS servers with the same configuration and different IP addresses. So, for each
RADIUS scheme, you need to configure the IP addresses for the primary and
secondary RADIUS servers, and the shared key.
Enable 802.1x globally.
[SW8800] dot1x
Enable the 802.1x performance on the specified port Ethernet 3/1/1.
[SW8800] dot1x interface Ethernet 3/1/1
Set the access control mode. (This command could not be configured, when it is
configured as MAC-based by default.)
[SW8800] dot1x port-method macbased interface Ethernet 3/1/1
Create the RADIUS scheme radius1 and enters its configuration mode.
[SW8800] radius scheme radius1
Set IP address of the primary authentication/accounting RADIUS servers.
[SW8800-radius-radius1] primary authentication 10.11.1.1