Configuration Guide Configuring 802.1X
Create an account on the RADIUS server.
Enable AAA on the NAS.
Configure RADIUS parameters on the NAS.
Enable 802.1X authentication on ports of the NAS.
NAS configurations are as follows. For detailed configuration on the RADIUS server, see the
Configuring RADIUS.
ruijie# configure terminal
ruijie (config)# aaa new-model
ruijie (config)# radius-server host 192.168.32.120
ruijie (config)# radius-server key ruijie
ruijie (config)# wlansec 1
Ruijie(config-wlansec)# security rsn enable
Ruijie(config-wlansec)# security rsn ciphers aes enable
Ruijie(config-wlansec)# security rsn akm 802.1x enable
Check whether authentication is proper and network access behaviors change after authentication.
The account is successfully created, such as username:tests-user,password:test.
The user fails to ping 192.168.32.120 before authentication.
After the user enters account information and click Authenticate on Ruijie Supplicant, the
authentication succeeds and the user can successfully ping 192.168.32.120.
Information of the authenticated user is displayed.
ruijie# show dot1x summary
ID Username MAC Interface VLAN Auth-State Backend-State
Port-Status User-Type Time
--------- ---------- -------------- --------- ---- --------------- -------------
----------- --------- ------------------
16778217 ts-user 0023.aeaa.4286 wlan 1 2 Authenticated Idle Authed
static 0days 0h 0m 7s
Common Errors
RADIUS parameters are incorrectly configured.
The RADIUS server has a special access policy, for example, the RADIUS packets must carry certain attributes.
The AAA authentication mode list is different from the 802.1X authentication mode list, causing authentication failure.
4.4.2 Configuring 802.1X Parameters
Configuration Effect
To Next Page
Loading...
Need help?
General
