Operation Manual – 802.1x
Quidway S3100 Series Ethernet Switches Chapter 1
802.1x Configuration
Huawei Technologies Proprietary
1-14
Operation Command Description
Set port access
control mode for
specified ports
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
Optional
By default, an 802.1x-enabled
port operates in an auto
mode.
Set port access
method for
specified ports
dot1x port-method
{ macbased | portbased }
[ interface interface-list ]
Optional
The default port access
method is
MAC-address-based (that is,
the macbased keyword is
used by default).
Set authentication
method for 802.1x
users
dot1x
authentication-method
{ chap | pap | eap }
Optional
By default, a switch performs
CHAP authentication in EAP
terminating mode.
Enter ISP domain
view to configure
the ISP domain
domain isp-name
Optional
The default ISP domain is
“system”. This command is
required if the name of the ISP
domain to which the current
802.1x user belongs is not
“system”.
Configure the AAA
scheme to be
adopted in the ISP
domain
scheme { radius-scheme
radius-scheme-name
[ local ] | local | none }
Optional
By default, a switch adopts a
local authentication scheme.
Quit the current
view and enter
system view
quit
—
Create a local user
account and enter
local user view
local-user user-name
Optional
This command is required if
you specify to adopt a local
authentication scheme.
Set a password for
the local user
account
password { simple |
cipher } password
—
Set the service
type and user level
for the local user
service-type lan-access
Optional
This command is required if
you specify to adopt a local
authentication scheme.
The default user level is 0
Quit the current
view and enter
system view
quit
—