No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE20E-S2 V800R010C10SPC500 Configuration Guide - Security 01

This is NE20E-S2 V800R010C10SPC500 Configuration Guide - Security
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring 802.1X Port-based Authentication on the NE20E Functioning as a Supplicant

Configuring 802.1X Port-based Authentication on the NE20E Functioning as a Supplicant

Before configuring 802.1X port-based authentication on a supplicant, familiarize yourself with the applicable environment, pre-configuration tasks, and configuration flowchart, which helps you quickly and accurately complete the configuration.

Applicable Environment

To prevent the accessed NE20E from being replaced and ensure the network security on a shared LAN, you can configure 802.1X port-based authentication on a supplicant.

Pre-configuration Tasks

To configure 802.1X port-based authentication on a supplicant, complete the following configuration tasks:

  • Configure the name of the 802.1X supplicant template, authentication user name, authentication user password, and authentication mode.
  • Enable 802.1X port-based authentication.

Configuration Process

Perform the following configurations to configure 802.1X port-based authentication on a supplicant.

Figure 17-2 Flowchart for configuring 802.1X port-based authentication on a supplicant

Configuring an 802.1X Supplicant Template

When 802.1X supplicant authentication is used, the NE20E and the authenticator perform authentication negotiation based on parameters defined in an 802.1X supplicant template.

Context

Perform the following steps on the router.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run dot1x-supplicant-template dot1x-supplicant-template-number

    An 802.1X supplicant template is created or the 802.1X supplicant template view is displayed.

    802.1X supplicant templates are identified by number. Only one 802.1X supplicant template can be configured on a device.

  3. Run eap username username-string password cipher password-string

    The EAP authentication user name and password for the 802.1X supplicant template are set.

  4. (Optional) Run eap authentication-type pap

    An EAP authentication mode is configured for the 802.1X supplicant template. Two EAP authentication modes (CHAP and PAP) are supported on the device. While PAP transmits passwords in plaintext with low security, CHAP transmits passwords in ciphertext with higher security.

Configuring the 802.1X Supplicant Function on an Interface

After the 802.1X supplicant function is enabled on an interface, the interface initiates 802.1X authentication. After the authenticator passes the authentication, the 802.1X supplicant can access the network.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number

    The interface view is displayed.

  3. Run dot1x supplicant enable dot1x supplicant-template-number

    The 802.1X supplicant function is enabled on the interface and an 802.1X supplicant template is specified.

Verifying the 802.1X Port-based Authentication Configuration on the Supplicant

After 802.1X supplicant authentication is configured, you can check configuration information about the 802.1X supplicant and the corresponding template.

Prerequisites

The 802.1X supplicant function has been enabled.

Procedure

  • Run the display dot1x supplicant command to check session connection information about 802.1X supplicants.
  • Run the display dot1x supplicant statistics command to check packet statistics about a specified 802.1X supplicant.
  • Run the display dot1x supplicant template command to check parameters for authentication negotiation defined in a specified 802.1X supplicant template.
Translation
Download
Updated: 2019-01-02

Document ID: EDOC1100055397

Views: 19841

Downloads: 39

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next