DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-55
as controlled port (here we take port F0/1 as the example); (corresponding to paragraph 1
of "Application Needs")
Filter non-DES-7200 supplicant (corresponding to paragraph 2 of "Networking
requirements")
Configure 802.1x accounting and accounting update, and configure the interval of
accounting update packets (corresponding to paragraph 3 of " Networking requirements ")
Configure the reply timeout timer of Radius Server as 5s, and configure the maximum
authentication retries as 6 times (corresponding to paragraph 4 of " Networking
requirements ")
Configure periodic re-authentication of device (corresponding to paragraph 5 of "
Networking requirements ")
Configure the Quiet Period for failed authentication as 500s (waiting time) and configure
the maximum authentication retries as 5 times (corresponding to paragraph 6 of "
Networking requirements ")
4.5.1.4 Configuration Steps
Step 1: Configure relevant attributes of Radius Server
Step 2: Configure access switch "SwitchA"
! Turn on AAA switch
DES-7200(config)#aaa new-model
! Configure RADIUS server
DES-7200(config)#radius-server host 192.168.32.120
! Configure RADIUS Key
DES-7200(config)#radius-server key DES-7200
! Configure dot1x authentication method list
DES-7200(config)#aaa authentication dot1x hello group radius
! Apply dot1x authentication method list
DES-7200(config)#dot1x authentication hello
! Configure F0/1 as controlled port (enable port-based authentication)
DES-7200(config)#interface fastEthernet 0/1
DES-7200(config-if-FastEthernet 0/1)#dot1x port-control auto
DES-7200(config-if-FastEthernet 0/1)#exit
! Filter non-DES-7200 supplicant
DES-7200(config)#dot1x private-supplicant-only
! Configure 802.1X accounting method list
DES-7200(config)#aaa accounting network jizhang start-stop group radius
! Apply 802.1X accounting method list