EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Configuration Guide

HP 3600 v2 Series
449 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #113 background imageLoading...
Page #113 background image
100
4. Configure a RADIUS scheme:
# Configure RADIUS scheme 2000 and enter its view.
<Device> system-view
[Device] radius scheme 2000
# Specify primary and secondary authentication and accounting servers. Set the shared key to abc
for authentication and accounting packets.
[Device-radius-2000] primary authentication 10.11.1.1 1812
[Device-radius-2000] primary accounting 10.11.1.1 1813
[Device-radius-2000] key authentication abc
[Device-radius-2000] key accounting abc
# Exclude the ISP domain name from the username sent to the RADIUS server.
[Device-radius-2000] user-name-format without-domain
[Device-radius-2000] quit
5. Configure an ISP domain:
# Create ISP domain bbb and enter its view.
[Device] domaim bbb
# Apply RADIUS scheme 2000 to the ISP domain for authentication, authorization, and
accounting.
[Device-isp-bbb] authentication lan-access radius-scheme 2000
[Device-isp-bbb] authorization lan-access radius-scheme 2000
[Device-isp-bbb] accounting lan-access radius-scheme 2000
[Device-isp-bbb] quit
6. Configure 802.1X:
# Enable 802.1X globally.
[Device] dot1x
# Enable 802.1X for port Ethernet 1/0/2.
[Device] interface ethernet 1/0/2
[Device-Ethernet1/0/2] dot1x
# Implement port-based access control on the port.
[Device-Ethernet1/0/2] dot1x port-method portbased
# Set the port authorization mode to auto. This step is optional. By default, the port is in auto mode.
[Device-Ethernet1/0/2] dot1x port-control auto
[Device-Ethernet1/0/2] quit
# Set VLAN 10 as the 802.1X guest VLAN for port Ethernet 1/0/2.
[Device] dot1x guest-vlan 10 interface ethernet 1/0/2
Verifying the configuration
Use the display dot1x interface ethernet 1/0/2 command to verify the 802.1X guest VLAN configuration
on Ethernet 1/0/2. If no user passes authentication on the port within a specific period of time, use the
display vlan 10 command to verify whether Ethernet 1/0/2 is assigned to VLAN 10.
After a user passes authentication, you can use the display interface ethernet 1/0/2 command to verity
that port Ethernet 1/0/2 has been added to VLAN 5.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Security Configuration Guide
Security Configuration Guide398 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals