MSR3600-28配置基于MAC的802.1x无法通过认证

在windowsserver2016配置radius服务器和交换机配置基于MAC的802.1x，无法通过认证，在windowsserver的radius应该如何配置？在端口开启802.1x后，无法ping通其他网段的ip地址，在未开启802.1x的端口，可以pingt通。而且如果交换机下端口在接一个傻瓜式的交换机，在此交换机接几台设备，应该如何进行设置。

version 7.1.064, Release 0821P11 #  sysname H3C # wlan global-configuration  firmware-upgrade disable #  dot1x #  mac-authentication #  security-zone intra-zone default permit #  ip pool l2tp1 192.168.1.40 192.168.1.60 #  dhcp server always-broadcast #  dns proxy enable #  system-working-mode standard  password-recovery enable # vlan 1 # controller Cellular0/0 # interface Aux0 # interface Virtual-Template0 # interface Virtual-Template1  ppp authentication-mode chap domain joy  remote address pool l2tp1  ip address 192.168.1.1 255.255.255.0 # interface NULL0 # interface Vlan-interface1  description LAN-interface  ip address 192.168.0.1 255.255.255.0  tcp mss 1280 # interface GigabitEthernet0/0  port link-mode route  description Multiple_Line  ip address 10.1.0.123 255.255.0.0  nat outbound  nat outbound 2001  nat server protocol tcp global 10.1.0.123 8888 inside 192.168.0.7 8080 # interface GigabitEthernet0/1  port link-mode route # interface GigabitEthernet0/2  port link-mode route # interface GigabitEthernet0/27  port link-mode route # interface GigabitEthernet0/14  port link-mode bridge # interface GigabitEthernet0/15  port link-mode bridge  duplex full  dot1x  dot1x mandatory-domain jmc # interface GigabitEthernet0/16  port link-mode bridge # security-zone name Local # security-zone name Trust # security-zone name DMZ # security-zone name Untrust # security-zone name Management #  scheduler logfile size 16 # line class aux  user-role network-admin # line class tty  user-role network-operator # line class vty  user-role network-operator # line aux 0  user-role network-admin # line vty 0 63  authentication-mode scheme  user-role network-operator #  info-center loghost 127.0.0.1 port 3301  info-center source CFGLOG loghost level informational # performance-management # acl number 2001  rule 0 permit source 192.168.0.0 0.0.0.255  rule 5 deny #  password-control enable  undo password-control aging enable  undo password-control history enable  password-control length 6  password-control login-attempt 3 exceed lock-t  password-control update-interval 0  password-control login idle-time 0 # radius scheme radius1  primary authentication 192.168.0.151  key authentication cipher $c$3$BGvkRjtjw5qaWAd3v3Gd7uFIl9ff1/sTdQ==  user-name-format without-domain # domain jmc  authentication lan-access radius-scheme radius1  authorization lan-access radius-scheme radius1 # domain joy  authentication ppp local # domain system #  domain default enable system # local-user admin class manage  service-type telnet http https  authorization-attribute user-role network-admin # local-user user class network  password cipher $c$3$Ft9L1q5O81xbLllMycd6JzAgddnp9Q==  service-type ppp  authorization-attribute user-role network-operator # l2tp-group 1 mode lns  allow l2tp virtual-template 1  undo tunnel authentication #  l2tp enable #  ip http enable  ip https enable #  wlan auto-ap enable  wlan auto-persistent enable # wlan ap-group default-group  vlan 1