Installation manual

ManualsBrandsQuidway ManualsComputer equipmentS3000-EI Series

211

212

213

214

215

216

217

218

219

220

Operation Manual - Security

Quidway S3000-EI Series Ethernet Switches Chapter 1

802.1x Configuration

Huawei Technologies Proprietary

1-16

user name. Normally, if the user’s

traffic is less than 2kbps consistently over 20 minutes, he will be disconnected.

et the encryption key as “name” when the system

ADIUS server and “money” when the

system exchanges packets with the accounting RADIUS server. Configure the system

to retransmit pa RADIUS server if no respo in 5 seconds.

r e RADIUS The system is

in he

domai

lo text). The idle cut fu ed.

II.

accessed, the domain name does not follow the

A server group, consisting of two RADIUS servers at 10.11.1.1 and 10.11.1.2

respectively, is connected to the switch. The former one acts as the

primary-authentication/secondary-accounting server. The latter one acts as the

primary-accounting server. S

exchanges packets with the authentication R

ckets to the nse received

etransmit the packet no more than 5 time

eal-time accounting packet to th

s in all. Configure the system to transmit a

server every 15 minutes.

structed to transmit the user name to t

n name.

RADIUS server after removing the user

he user name of the local 802.1x acces

calpass (input in plain

s user is localuser and the password is

nction is enabl

Networking diagram

Supplicant

Authentication Servers

(RADIUS Server Cluster

IP Address: 10.11.1.1

10.11.1.2)

Internet

Authenticator

Switch

Supplicant

Authentication Servers

(RADIUS Server Cluster

IP Address: 10.11.1.1

10.11.1.2)

Internet

Authenticator

Switch

Supplicant

Authentication Servers

(RADIUS Server Cluster

IP Address: 10.11.1.1

10.11.1.2)

Internet

Authenticator

E0/1

Switch

Supplicant

Authentication Servers

(RADIUS Server Cluster

IP Address: 10.11.1.1

10.11.1.2)

Internet

Authenticator

Switch

Supplicant

Authentication Servers

(RADIUS Server Cluster

IP Address: 10.11.1.1

10.11.1.2)

Internet

Authenticator

Switch

Figure 1-2 Enabling 802.1x and RADIUS to perform AAA on the supplicant

I. Configuration procedure

 Note:

The following examples concern most of the AAA/RADIUS configuration commands.

For details, refer to the chapter AAA and RADIUS Protocol Configuration.

The configurations of accessing user workstation and the RADIUS server are omitted.