![]() Therefore, you are advised to run the following command to ensure non-stop service: The timeout interval of the security check session on iNode is short. If the active server fails, the switch sends the authentication request packets to the standby server. (V200R010C00 and later versions) To use the session management function, run the radius-server session-manage ip-address shared-key cipher share-key command to enable session management on the RADIUS server and set the IP address and shared key of the RADIUS session management server. After the command is executed, the attributes delivered by dynamic authorization will not overwrite the attributes delivered by security check policy. Therefore, run the authorization-modify mode modify command to set the update mode for user authorization information delivered by the RADIUS server to Modify. If the RADIUS server needs to dynamically authorize AAA users, the attributes delivered by security check policy may be different from the attributes delivered by dynamic authorization. ![]() HW-User-Information receive command to convert the HW-Up-Priority attribute in the received RADIUS packets into HW-User-Information. Run the radius-attribute translate HW-Up-Priority Run the dot1x eap-notify-packet eap-code 10 data-type 25 command to configure the device to return the EAP packets with type value of 10 and data type of 25 to the RADIUS server. Run the dot1x authentication-method eap command to configure EAP relay authentication for 802.1X users. ![]() ![]() In addition, perform the following operations on the device: ![]() When the device connects to an H3C iMC RADIUS server to perform authentication, authorization, or accounting for 802.1X users, configure security check policies (for example, check whether the 802.1X client has two network cards and whether the 802.1X client version is correct) on the RADIUS server to improve security. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |