EasyManuals Logo
Home>HP>Switch>5120 EI Switch Series

HP 5120 EI Switch Series User Manual

HP 5120 EI Switch Series
304 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #60 background imageLoading...
Page #60 background image
50
[Switch] radius scheme rad
# Specify the primary authentication server.
[Switch-radius-rad] primary authentication 10.1.1.1 1812
# Set the shared key for authentication packets to expert.
[Switch-radius-rad] key authentication expert
# Configure the scheme to include the domain names in usernames to be sent to the RADIUS server.
[Switch-radius-rad] user-name-format with-domain
# Specify the service type for the RADIUS server, which must be extended when the RADIUS server runs
iMC.
[Switch-radius-rad] server-type extended
[Switch-radius-rad] quit
# Configure the AAA methods for the domain.
[Switch] domain bbb
[Switch-isp-bbb] authentication login radius-scheme rad
[Switch-isp-bbb] authorization login radius-scheme rad
[Switch-isp-bbb] quit
3. Verify the configuration
After you complete the configuration, the SSH user should be able to use the configured account to
access the user interface of the switch and can access the demands of level 0 through level 3. .
# Use the display connection command to view the connection information on the switch.
[Switch] display connection
Index=1 ,Username=hello@bbb
IP=192.168.1.58
IPv6=N/A
Total 1 connection(s) matched.
AAA for 802.1X users by a RADIUS server
Network requirements
As shown in Figure 15, configure the switch to use the RADIUS server to perform authentication,
authorization, and accounting for 802.1X users. Set the shared keys for authentication and authorization
packets exchanged between the switch and the RADIUS server to expert and set the ports for
authentication/authorization and accounting to 1812 and 1813 respectively. Configure the switch to
include the domain names in usernames to be sent to the RADIUS server.
Configure MAC-based access control on GigabitEthernet 1/0/1 to authenticate all 802.1X users on the
port separately.
Configure an account for the user, with the username dot1x@bbb. Configure the authentication server to
assign the host to VLAN 4 after the host passes authentication. Register a monthly service that charges
120 dollars for up to 120 hours per month for the user.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5120 EI Switch Series and is the answer not in the manual?

HP 5120 EI Switch Series Specifications

General IconGeneral
BrandHP
Model5120 EI Switch Series
CategorySwitch
LanguageEnglish

Related product manuals