dot1x 在H3C交换机上的典型配置

#
 sysname Quidway
#
radius scheme system
 server-type huawei
 primary authentication 127.0.0.1 1645
 primary accounting 127.0.0.1 1646
 accounting optional
 user-name-format without-domain
radius scheme rs1
 primary authentication 10.153.42.52 1812
 primary accounting 10.153.42.52 1813
 accounting optional
 key authentication cams
 key accounting cams
 user-name-format without-domain

domain system
 radius-scheme rs1
 access-limit disable
 state active
 vlan-assignment-mode integer
 idle-cut disable
 self-service-url disable                
 messenger time disable

 domain default enable system
#
 local-server nas-ip 127.0.0.1 key huawei
#
 vlan range 1-511
#
 dot1x
#
 queue-scheduler wrr 1 2 4 8
#
vlan 1                                   
#
vlan 2
#
interface Vlan-interface1
 ip address 10.153.49.251 255.255.252.0
#
interface Aux0/0
#
interface Ethernet0/1
 port access vlan 2
#
interface Ethernet0/2
 port access vlan 2
#
interface Ethernet0/3
 port access vlan 2
#
interface Ethernet0/4
 port access vlan 2
#
interface Ethernet0/5
#                                        
interface Ethernet0/6
#
interface Ethernet0/7
 dot1x
#
interface Ethernet0/8
 port link-type trunk
 port trunk permit vlan 1 to 2
#
interface NULL0
#
 ip route-static 0.0.0.0 0.0.0.0 10.153.48.1 preference 60
#
user-interface aux 0
user-interface vty 0 4
#
return

posted @ 2008-07-14 20:07  邱亮  阅读(5020)  评论(0编辑  收藏  举报