HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 136
Configuration procedure, Verifying the configuration, Con X
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 136 highlights
Configuration procedure Configurations on the host and RADIUS servers are not shown. The following configuration steps cover some AAA/RADIUS configuration commands. For more information about the commands, see Security Command Referenced. 1. Configure the RADIUS protocol: # Configure a RADIUS scheme named radsun. system-view [Device] radius scheme radsun [Device-radius-radsun] primary authentication 192.168.1.2 [Device-radius-radsun] primary accounting 192.168.1.3 [Device-radius-radsun] secondary authentication 192.168.1.3 [Device-radius-radsun] secondary accounting 192.168.1.2 [Device-radius-radsun] key authentication name [Device-radius-radsun] key accounting money [Device-radius-radsun] timer response-timeout 5 [Device-radius-radsun] retry 5 [Device-radius-radsun] timer realtime-accounting 15 [Device-radius-radsun] user-name-format without-domain [Device-radius-radsun] quit # Configure ISP domain sun to use RADIUS scheme radsun for authentication, authorization, and accounting of all types of users. Specify that the ISP domain can contain up to 30 users. [Device] domain sun [Device-isp-sun] authentication default radius-scheme radsun [Device-isp-sun] authorization default radius-scheme radsun [Device-isp-sun] accounting default radius-scheme radsun [Device-isp-sun] access-limit enable 30 [Device-isp-sun] quit 2. Configure 802.1X: # Set the 802.1X authentication method to CHAP. (This configuration is optional. By default, the authentication method is CHAP for 802.1X.) [Device] dot1x authentication-method chap 3. Configure port security: # Enable port security. [Device] port-security enable # Add five OUI values. [Device] port-security oui 1234-0100-1111 index 1 [Device] port-security oui 1234-0200-1111 index 2 [Device] port-security oui 1234-0300-1111 index 3 [Device] port-security oui 1234-0400-1111 index 4 [Device] port-security oui 1234-0500-1111 index 5 [Device] interface gigabitethernet 1/0/1 # Set the port security mode to userLoginWithOUI. [Device-GigabitEthernet1/0/1] port-security port-mode userlogin-withoui Verifying the configuration # Display the RADIUS scheme radsun. 126