version

1
2
3
Version
Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.170 (S5735 V200R019C00SPC500)

dot1x 配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
1. radius配置
radius-server template radius_temp # 定义radius服务模板
 radius-server shared-key cipher Cisco@123
 radius-server authentication 10.1.210.1 1812 weight 80
 radius-server accounting 10.1.210.1 1813 weight 80
 quit

2. aaa配置
aaa
    authentication-scheme aaa_auth1 # 定义aaa认证方式为radius
     authentication-mode radius
    domain aaa_auth_domain # 定义认证domian
      authentication-scheme aaa_auth1 # 关联认证方式
      radius-server radius_temp # 关联radius认证服务模板
    quit

3. dot1x profile文件配置
dot1x-access-profile name acc_dot1x 
 dot1x authentication-method eap
 dot1x timer client-timeout 30
 quit

4. mac profile文件配置
mac-access-profile name mac_auth
 mac-authen username macaddress format with-hyphen
 quit

5. auth profile文件配置
authentication-profile name auth_dot1x
 dot1x-access-profile acc_dot1x # 调用dot1x接入配置文件
 mac-access-profile mac_auth #调用mac认证接入配置文件
 access-domain aaa_auth_domain force 调用认证domain集
 authentication dot1x-mac-bypass # mac认证bypass

6. 接口启用认证
int g0/0/2 
   authentication-profile auth_dot1x

语音vlan配置

1
2
3
4
5
6
interface GigabitEthernet0/0/1
 port link-type hybrid    #端口模式
 voice-vlan 111 enable    #语音vlan
 port hybrid tagged vlan 111    #语音vlan
 port hybrid pvid vlan 114    #业务vlan
 port hybrid untagged vlan 114    # 业务vlan