用VLAN做端口隔离和dot1.x认证
来源:互联网 发布:中美网络红黑大战 编辑:程序博客网 时间:2024/04/28 10:32
radius服务器配置
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain
radius scheme huawei
server-type huawei
primary authentication 10.1.17.14 1812
primary accounting 10.1.17.14 1813
key authentication cams
key accounting cams
user-name-format without-domain
security-policy-server 10.1.17.14
domain huawei
radius-scheme huawei
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable
domain system
radius-scheme system
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable
domain default enable huawei //把华为的RADIUS设为默认的RADIUS
开启全局的dot1x
dot1x
dot1x supp-proxy-check trap
dot1x supp-proxy-check logoff
划分多个VLAN并配置管理IP地址
vlan 1
#
vlan 4
#
vlan 6
#
vlan 10
#
vlan 1001
#
vlan 1002
#
vlan 1003
#
vlan 1004
#
vlan 1005
#
vlan 1006
#
vlan 1007
#
vlan 1008
#
vlan 1009
#
vlan 1010
#
vlan 1011
#
vlan 1012
#
vlan 1013
#
vlan 1014
#
vlan 1015
#
vlan 1016
#
vlan 1017
#
vlan 1018
#
vlan 1019
#
vlan 1020
#
vlan 1021
#
vlan 1022
#
vlan 1023
#
vlan 1024
#
vlan 1025
#
vlan 1026
#
vlan 1027
#
vlan 1028
#
vlan 1029
#
vlan 1030
#
vlan 1031
#
vlan 1032
#
vlan 1033
#
vlan 1034
#
vlan 1035
#
vlan 1036
#
vlan 1037
#
vlan 1038
#
vlan 1039
#
vlan 1040
#
vlan 1041
#
vlan 1042
#
vlan 1043
#
vlan 1044
#
vlan 1045
#
vlan 1046
#
vlan 1047
#
vlan 1048
#
interface Vlan-interface10
ip address X.X.X.X 255.255.255.0
端口配置信息
#
interface Ethernet0/1
port link-type hybrid
port hybrid vlan 1 1001 untagged
port hybrid pvid vlan 1001
broadcast-suppression 5
dot1x
dot1x supp-proxy-check trap
dot1x supp-proxy-check logoff
dot1x version-check
#
interface Ethernet0/2
port link-type hybrid
port hybrid vlan 1 1002 untagged
port hybrid pvid vlan 1002
broadcast-suppression 5
dot1x
dot1x supp-proxy-check trap
dot1x supp-proxy-check logoff
dot1x version-check
....................
配置上行口信息
interface GigabitEthernet2/1
port link-type hybrid
port hybrid vlan 4 10 tagged
port hybrid vlan 1 6 1001 to 1048 untagged
broadcast-suppression 5
配置与其连接的上层交换机的下行口信息
speed 1000
port link-type hybrid
port hybrid vlan 4 10 tagged
port hybrid vlan 1 untagged
broadcast-suppression 5
description toXXX
- 用VLAN做端口隔离和dot1.x认证
- 关于MPLS和Vlan隔离技术的思考
- ovs 隔离vlan packet
- 用ovs-docker让容器网络支持Vlan隔离
- vlan tag是做什么用的?
- VLAN的Hybrid和Trunk端口有何区别?
- VLAN的Hybrid和Trunk端口有何区别
- 使用VLAN隔离虚拟机流量
- VLAN隔离思维导图
- cisco 端口 VLAN 设置
- 交换机端口vlan模式
- VLAN端口属性详解
- VLAN端口类型
- VLAN端口属性详解
- 端口加入VLAN
- 交换机 VLAN 端口类型
- 用radius和oracle做认证计费系统
- AD与ACS结合做802.1x认证
- asp.net/c#字符格式化大总结
- JFreeChart折线图,饼图,柱状图
- 通过设置[.htaccess]实现URL完美转向
- a p2p Sudoku example from WindowsClient.net (zz)
- 收集一些常用的正则表达式
- 用VLAN做端口隔离和dot1.x认证
- 欢迎访问水晶报表群组
- 转载:) 关于spring、hibernate、struts的一些错误问题 不断补充中(靠自己了)
- 自动转向技术(Auto-Redirecting)及301重定向对SEO的影响 实现方法(整理修改)
- 使用Java Web Services Developer Pack1.6开发WebService入门
- .Net中如何操作IIS(源代码)
- 怎样才能更好的培养后代
- ASP.NET调试应用程序的方法和技巧
- js类,先保存,稍后整理
