具体配置如下:
sysname 8haoyingdi3qu-bgl-4110
#
telnet server enable
#
dot1x
dot1x authentication-method eap
dot1x timer reauth-period 300
#
mac-authentication
mac-authentication domain radius-hnld
#
lldp global enable
#
password-recovery enable
#
vlan 1
#
vlan 2 to 160
#
interface NULL0
#
interface Vlan-interface1
ip address dhcp-alloc
ipv6 address auto
ipv6 address dhcp-alloc
#
interface Vlan-interface150
#
interface GigabitEthernet1/0/1
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/2
port access vlan 150
stp edged-port
dot1x
dot1x mandatory-domain radius-hnld
#
interface GigabitEthernet1/0/3
port access vlan 103
#
interface WLAN-Radio1/0/1
#
interface WLAN-Radio1/0/2
#
scheduler logfile size 16
#
line class console
#
line class vty
#
line con 0
#
line vty 0 4
set authentication password hash $h$6$Z83icwaxMII18Ayi$VzVf05Ep9CGpAnuusJzgptjYVuqhTRuCgl3amSgXAbi8LgfiGvomMHFiDL/4kM/X1p3ci/WblBwPyhn8IhhsQg==
#
line vty 5 63
#
undo gratuitous-arp-learning enable
#
acl advanced 3001
rule 0 permit ip destination 10.190.0.1 0
rule 2 permit ip source 10.190.0.1 0
rule 3 deny ip
#
radius nas-ip 172.16.1.31
#
radius scheme radius-bbb
primary authentication 10.190.0.1
primary accounting 10.190.0.1
key authentication cipher $c$3$V7xMRwgDRiaqo1y4cIsP+bnh28t5dNOPs4M=
key accounting cipher $c$3$IVsfaGJDjnJ0IKWgcTTV6bneUeTVqo7ir6c=
user-name-format without-domain
nas-ip 172.16.1.31
#
domain radius-bbb
authentication lan-access radius-scheme radius-bbb none
authorization lan-access radius-scheme radius-bbb none
accounting lan-access radius-scheme radius-bbb none
#
domain system
#
domain default enable radius-hnld
#
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论