Filter
Top Products
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-52
Configure RADIUS server
configure terminal
radius-server host 192.168.197.154
radius-server key shared
Configure authentication method list
configure terminal
aaa authentication dot1x default group radius
aaa accounting network default start-stop group radius
802.1X to select the authentication method list
configure terminal
dot1x authentication default
dot1x accounting default
Enable 802.1X authentication on the interface
configure terminal
interface range fastEthernet 0/1-48
dot1x port-control auto
Enable dynamic VLAN assignment on the interface
configure terminal
interface interface_id
dot1x dynamic-vlan enable
Create VLANs to join after user authentication
configure terminal
vlan 2
name students
vlan 3
name trusted_students
vlan 4
name staff
Create the management IP for access device
configure terminal
interface vlan 1
ip address 192.168.197.241 255.255.255.0
By far, user's needs can be met.
4.4 Other Precautions for
Configuring 802.1x
1. Concurrent use of 1X and ACL
In the non-IP authorization mode, if you enable the 802.1x authentication function of a port and
at the same time associate one ACL with a interface, the ACL takes effect on the basis of the
MAC address. In other words, only the packets from the source MAC addresses of the
authenticated users can pass ACL filtering, and the packets from other source MAC addresses