Quidway S3000 Series Operation Manual
Operation Manual - Security
Quidway S3000 Series Ethernet Switches
Table of Contents
i
Table of Contents
Chapter 1 802.1x Configuration ................................................................................................... 1-1
1.1 802.1x Overview ................................................................................................................ 1-1
1.1.1 802.1x Standard Overview...................................................................................... 1-1
1.1.2 802.1x System Architecture .................................................................................... 1-1
1.1.3 802.1x Authentication Process................................................................................ 1-2
1.1.4 Implement 802.1x on Ethernet Switch .................................................................... 1-3
1.2 Configure 802.1x................................................................................................................ 1-3
1.2.1 Enable/Disable 802.1x ............................................................................................ 1-4
1.2.2 Set the Port Access Control Mode. ......................................................................... 1-4
1.2.3 Set Port Access Control Method ............................................................................. 1-5
1.2.4 Check the Users that Log on the Switch via Proxy ................................................. 1-5
1.2.5 Set Supplicant Number on a Port............................................................................ 1-6
1.2.6 Set to Enable DHCP to Launch Authentication....................................................... 1-6
1.2.7 Configure Authentication Method for 802.1x User .................................................. 1-7
1.2.8 Set the Maximum times of authentication request message retransmission.......... 1-7
1.2.9 Set the handshake period of 802.1x ....................................................................... 1-8
1.2.10 Configure Timers................................................................................................... 1-8
1.2.11 Enable/Disable quiet-period Timer........................................................................ 1-9
1.3 Display and Debug 802.1x................................................................................................. 1-9
1.4 802.1x Configuration Example......................................................................................... 1-10
Chapter 2 AAA and RADIUS Protocol Configuration ................................................................ 2-1
2.1 AAA and RADIUS Protocol Overview................................................................................ 2-1
2.1.1 AAA Overview ......................................................................................................... 2-1
2.1.2 RADIUS Protocol Overview .................................................................................... 2-1
2.1.3 Implement AAA/RADIUS on Ethernet Switch ......................................................... 2-2
2.2 Configure AAA ................................................................................................................... 2-3
2.2.1 Create/Delete ISP Domain...................................................................................... 2-3
2.2.2 Configure Relevant Attributes of ISP Domain......................................................... 2-4
2.2.3 Create a Local User ................................................................................................ 2-5
2.2.4 Set Attributes of Local User .................................................................................... 2-5
2.2.5 Disconnect a User by Force.................................................................................... 2-6
2.3 Configure RADIUS Protocol .............................................................................................. 2-7
2.3.1 Create/Delete a RADIUS server Group .................................................................. 2-8
2.3.2 Set IP Address and Port Number of RADIUS Server ............................................. 2-8
2.3.3 Set RADIUS Packet Encryption Key ....................................................................... 2-9
2.3.4 Set Response Timeout Timer of RADIUS Server ................................................. 2-10
2.3.5 Set Retransmission Times of RADIUS Request Packet ....................................... 2-10