![SNR S2989G-24TX [306/553] Eap termination mode](/img/pdf.png)
SNR S2989G-24TX [306/553] Eap termination mode
![SNR S2989G-24TX [306/553] Eap termination mode](/views2/1978540/page306/bg132.png)
S2989G-24TX Operation Manual
Chapter 6 Security Function Configuration
6-33
MS-CHAPV2 can be transmitted within TTLS tunnels.
4. PEAP Authentication Method
EAP-PEAP is brought up by Cisco, Microsoft and RAS Security as a recommended
open standard. It has long been utilized in products and provides very good security. Its
design of protocol and security is similar to that of EAP-TTLS, using a server’s PKI
certificate to establish a safe TLS tunnel in order to protect user authentication.
The following figure illustrates the basic operation flow of PEAP authentication
method.
Figure 6-11 the Authentication Flow of 802.1x PEAP
6.2.1.5.2 EAP Termination Mode
In this mode, EAP messages will be terminated in the access control unit and
mapped into RADIUS messages, which is used to implement the authentication,
authorization and fee-counting. The basic operation flow is illustrated in the next figure.
In EAP termination mode, the access control unit and the RADIUS server can use
PAP or CHAP authentication method. The following figure will demonstrate the basic
operation flow using CHAP authentication method.
Содержание
- Chapter 1 basic management configuration 1 1 1
- Chapter 2 layer 2 services configuration 2 1 1
- Content 1
- Content 1 1
- Efm oam 2 31 2
- Lldp 2 17 2
- Mtu 2 30 2
- Uldp 2 11 2
- Ddm 2 49 3
- Gvrp 2 66 3
- Lldp med 2 41 3
- Port security 2 47 3
- Vlan 2 58 3
- Chapter 3 ip services configuration 3 1 4
- Vlan 2 76 4
- Vlan 2 80 4
- Vlan 2 85 4
- Arp 3 16 5
- Arp guard 3 26 5
- Urpf 3 14 5
- Arp 3 30 6
- Dhcp 3 37 6
- Bfd 4 19 7
- Chapter 4 routing protocol related 7
- Configuration 4 1 7
- Ecmp 4 14 7
- Chapter 5 multicast protocol related 8
- Chapter 6 security function configuration 6 1 8
- Configuration 5 25 8
- Igmp 5 28 8
- Vlan 5 45 8
- Radius 6 55 9
- Ssl 6 62 9
- Tacacs 6 53 9
- Vlan 6 45 9
- Mab 6 70 10
- S 6 113 10
- S 6 96 10
- Vlan acl 6 66 10
- Chapter 7 reliability configuration 7 1 11
- Chapter 8 debugging and diagnosis configuration 11
- Erps 7 32 11
- Mrpp 7 13 11
- Mstp 7 1 11
- Q 6 121 11
- Ulpp 7 20 11
- Ulsm 7 28 11
- Copp 8 6 12
- Chapter 10 virtualization configuration 10 1 13
- Chapter 9 network time management 13
- Configuration 9 1 13
- Ntp 9 3 13
- Rspan 8 23 13
- Sntp 9 1 13
- Vsf 10 1 13
- 38 11 11 14
- Chapter 11 ipv6 configuration 11 1 14
- Ra 11 35 14
- Savi 11 37 15
- Chapter 1 basic management 16
- Configuration 16
- Management options 16
- Switch management 16
- In band management 20
- Management via telnet 20
- Management via http 22
- Cli interface 25
- Manage the switch via snmp network management 25
- Software 25
- Configuration modes 26
- User mode 26
- Admin mode 27
- Global mode 27
- Configuration syntax 29
- Shortcut key support 29
- Help function 30
- Input verification 30
- Returned information success 30
- Basic configuration 31
- Basic switch configuration 31
- Telnet management 33
- Example of ssh server configuration 36
- Ssh server configuration task list 36
- Configure switch ip addresses 37
- Switch ip addresses configuration task list 37
- Snmp configuration 38
- Introduction to mib 40
- Introduction to rmon 41
- Snmp configuration 41
- Snmp configuration task list 41
- Typical snmp configuration examples 44
- Switch upgrade 46
- Bootrom upgrade 47
- Ftp tftp upgrade 49
- Introduction to ftp tftp 49
- Ftp tftp configuration 51
- Ftp tftp configuration task list 51
- Ftp tftp configuration examples 53
- Ftp tftp troubleshooting 55
- Ftp troubleshooting 56
- Tftp troubleshooting 56
- File system 57
- File system operation configuration task list 57
- Introduction to file storage devices 57
- Cluster 59
- Introduction to cluster network management 59
- Troubleshooting 59
- Typical applications 59
- Cluster network management configuration 60
- Sequence 60
- Examples of cluster administration 63
- Cluster administration troubleshooting 64
- Chapter 2 layer 2 services 65
- Configuration 65
- Introduction to port 65
- Network port configuration task list 65
- Port configuration 65
- Port configuration example 67
- Port troubleshooting 68
- Introduction to port isolation function 69
- Port isolation 69
- Task sequence of port isolation 69
- Port isolation function typical examples 70
- Function 71
- Introduction to port loopback detection 71
- Port loopback detection 71
- Port loopback detection function configuration 72
- Task list 72
- Port loopback detection function example 74
- Introduction to uldp function 75
- Port loopback detection troubleshooting 75
- Uldp configuration task sequence 76
- Uldp function typical examples 79
- Uldp troubleshooting 80
- Introduction to lldp function 81
- Lldp function configuration task sequence 82
- Lldp function typical example 85
- Lldp function troubleshooting 86
- Introduction to port channel 87
- Port channel 87
- Brief introduction to lacp 88
- Dynamic lacp aggregation 89
- Port channel configuration task list 89
- Static lacp aggregation 89
- Port channel examples 91
- Introduction to mtu 94
- Mtu configuration task sequence 94
- Port channel troubleshooting 94
- Efm oam 95
- Introduction to efm oam 95
- Efm oam configuration 98
- Efm oam example 101
- Efm oam troubleshooting 101
- Bpdu tunnel 102
- Introduction to bpdu tunnel 102
- Bpdu tunnel configuration task list 103
- Examples of bpdu tunnel 104
- Bpdu tunnel troubleshooting 105
- Introduction to lldp med 105
- Lldp med 105
- Lldp med configuration task sequence 105
- Lldp med example 108
- Introduction to port security 111
- Lldp med troubleshooting 111
- Port security 111
- Port security configuration task list 111
- Example of port security 112
- Introduction to ddm 113
- Port security troubleshooting 113
- Brief introduction to ddm 114
- Ddm function 115
- Ddm configuration task list 116
- Examples of ddm 117
- Ddm troubleshooting 122
- Introduction to vlan 122
- Vlan configuration task list 124
- Typical vlan application 126
- Typical application of hybrid port 128
- Introduction to gvrp 130
- Gvrp configuration task list 131
- Example of gvrp 132
- Dot1q tunnel 134
- Gvrp troubleshooting 134
- Introduction to dot1q tunnel 134
- Dot1q tunnel configuration 135
- Typical applications of the dot1q tunnel 136
- Dot1q tunnel troubleshooting 137
- Introduction to vlan translation 137
- Vlan translation 137
- Vlan translation configuration 137
- Typical application of vlan translation 138
- Vlan translation troubleshooting 139
- Dynamic vlan 140
- Dynamic vlan configuration 140
- Introduction to dynamic vlan 140
- Typical application of the dynamic vlan 142
- Dynamic vlan troubleshooting 143
- Introduction to voice vlan 144
- Voice vlan 144
- Typical applications of the voice vlan 145
- Voice vlan configuration 145
- Introduction to multi to one vlan translation 147
- Multi to one vlan translation 147
- Multi to one vlan translation configuration 147
- Voice vlan troubleshooting 147
- Translation 148
- Typical application of multi to one vlan 148
- Introduction to super vlan 149
- Multi to one vlan translation troubleshooting 149
- Super vlan 149
- Super vlan configuration 151
- Typical application of super vlan 152
- Vlan 3 vlan 4 153
- Introduction to mac table 154
- Mac table 154
- Super vlan troubleshooting 154
- Obtaining mac table 155
- Forward or filter 156
- Mac address table configuration task list 157
- Mac table troubleshooting 159
- Typical configuration examples 159
- Introduction to mac notification 160
- Mac notification 160
- Mac notification configuration 160
- Mac notification example 162
- Mac notification troubleshooting 162
- Chapter 3 ip services configuration 163
- Introduction to layer 3 interface 163
- Layer 3 interface 163
- Layer 3 interface configuration task list 163
- Introduction to ipv4 ipv6 165
- Ip configuration 165
- Ip configuration 167
- Configuration examples of ipv4 172
- Ip configuration examples 172
- Configuration examples of ipv6 173
- Introduction to ip forwarding 175
- Ip forwarding 175
- Ipv6 troubleshooting 175
- Introduction to urpf 176
- Ip route aggregation configuration task 176
- Urpf configuration task sequence 177
- Urpf typical example 177
- Introduction to arp 178
- Urpf troubleshooting 178
- Arp configuration task list 179
- Arp troubleshooting 180
- Introduction to l3 station movement 180
- L3 station movement configuration task list 180
- Station movement 180
- Arp scanning prevention 181
- Function 181
- Introduction to arp scanning prevention 181
- Arp scanning prevention configuration task 182
- Sequence 182
- Arp scanning prevention typical examples 183
- Arp scanning prevention troubleshooting help 184
- Overview 185
- Prevent arp spoofing 185
- Prevent arp spoofing configuration 186
- Prevent arp spoofing example 187
- Arp guard 188
- Introduction to arp guard 188
- Arp guard configuration task list 189
- Arp local proxy 189
- Introduction to arp local proxy function 189
- Arp local proxy function configuration task 191
- Typical examples of arp local proxy function 191
- Arp local proxy function troubleshooting 192
- Gratuitous arp 192
- Gratuitous arp configuration task list 192
- Introduction to gratuitous arp 192
- Gratuitous arp configuration example 193
- Configuration 194
- Dynamic arp inspection 194
- Dynamic arp inspection configuration task 194
- Gratuitous arp troubleshooting 194
- Introduction to dynamic arp inspection 194
- Dynamic arp inspection configuration 195
- Example 195
- Introduction to keepalive gateway 197
- Keepalive gateway 197
- Keepalive gateway configuration task list 197
- Keepalive gateway example 198
- Introduction to dhcp 199
- Kepalive gteway troubleshooting 199
- Dhcp server configuration 200
- Dhcp relay configuration 203
- Dhcp configuration examples 204
- Dhcp option 82 207
- Dhcp troubleshooting 207
- Introduction to dhcp option 82 207
- Dhcp option 82 message structure 208
- Option 82 working mechanism 208
- Dhcp option 82 configuration task list 209
- Dhcp option 82 application examples 213
- Dhcp option 82 troubleshooting 215
- Dhcp snooping 215
- Introduction to dhcp snooping 215
- Dhcp snooping configuration task sequence 217
- Dhcp snooping typical application 221
- Dhcp snooping troubleshooting help 222
- Dhcp option 60 and option 43 223
- Dhcp option 60 and option 43 configuration 223
- Introduction to dhcp option 60 and option 43 223
- Task list 223
- Dhcpv6 option 60 and option 43 example 224
- Dhcp option 60 and option 43 troubleshooting 225
- Chapter 4 routing protocol related 226
- Configuration 226
- Routing protocol overview 226
- Routing table 227
- Ip routing policy 228
- Ip routing policy configuration task list 230
- Configuration examples 233
- Troubleshooting 234
- Introduction to default route 235
- Introduction to static route 235
- Static route 235
- Static route configuration examples 236
- Static route configuration task list 236
- Introduction to black hole routing 237
- Ipv4 black hole routing 237
- Black hole routing configuration exmaples 238
- Ipv4 black hole routing configuration task 238
- Black hole routing troubleshooting 239
- Introduction to ecmp 239
- Ecmp configuration task list 240
- Ecmp typical example 240
- Ospf implements ecmp 241
- Static route implements ecmp 241
- Ecmp troubleshooting 243
- Bfd configuration task list 244
- Introduction to bfd 244
- Examples of bfd 246
- Example for linkage of bfd and rip route 247
- Example for linkage of bfd and vrrp 248
- Bfd troubleshooting 250
- Chapter 5 multicast protocol related 250
- Configuration 250
- Introduction to multicast 250
- Multicast 250
- Multicast address 251
- Ip multicast packet transmission 252
- Introduction to igmp 253
- Ip multicast application 253
- Igmp configuration task list 255
- Igmp configuration examples 258
- Igmp snooping 259
- Igmp snooping configuration task list 259
- Igmp troubleshooting 259
- Introduction to igmp snooping 259
- Igmp snooping examples 262
- Igmp proxy 265
- Igmp snooping troubleshooting 265
- Introduction to igmp proxy 265
- Igmp proxy configuration task list 266
- Igmp proxy examples 267
- Igmp proxy troubleshooting 270
- Introductions to multicast vlan 270
- Multicast vlan 270
- Multicast vlan configuration task list 271
- Multicast vlan examples 272
- Chapter 6 security function 274
- Configuration 274
- Introduction to acl 274
- Acl configuration task list 275
- Acl example 292
- Acl troubleshooting 296
- Introduction to 802 x 297
- The work mechanism of 802 x 299
- The encapsulation of eapol messages 300
- The authentication methods of 802 x 302
- The encapsulation of eap attributes 302
- Eap relay mode 303
- Eap termination mode 306
- The extension and optimization of 802 x 307
- The features of vlan allocation 308
- X configuration task list 309
- X application example 312
- Examples of ipv4 radius applications 315
- Examples of ipv6 radius application 316
- X troubleshooting 317
- Introduction to the number limitation function 318
- Of mac and ip in port vlan 318
- Port vlan 318
- The number limitation function of mac and ip in 318
- Port vlan configuration task sequence 319
- The number limitation function of mac and ip in 319
- Port vlan typical examples 321
- The number limitation function of mac and ip in 321
- Port vlan troubleshooting help 322
- The number limitation function of mac and ip in 322
- Am function configuration task list 323
- Introduction to am function 323
- Am function example 324
- Am function troubleshooting 325
- Introduction to tacacs 326
- Tacacs 326
- Tacacs configuration task list 326
- Tacacs scenarios typical examples 327
- Introduction to radius 328
- Radius 328
- Tacacs troubleshooting 328
- Radius configuration task list 330
- Ipv4 radius example 332
- Radius typical examples 332
- Ipv6 radiusexample 333
- Radius troubleshooting 334
- Introduction to ssl 335
- Basic element of ssl 336
- Ssl configuration task list 337
- Ssl troubleshooting 338
- Ssl typical example 338
- Introduction to vlan acl 339
- Vlan acl 339
- Vlan acl configuration task list 340
- Vlan acl configuration example 341
- Vlan acl troubleshooting 342
- Introduction to mab 343
- Mab configuration task list 343
- Mab example 345
- Switch1 346
- Switch2 346
- Introduction to pppoe intermediate agent 348
- Mab troubleshooting 348
- Pppoe intermediate agent 348
- Pppoe intermediate agent exchange process 350
- Pppoe packet format 350
- Pppoe intermediate agent vendor tag frame 352
- Trust port of pppoe intermediate agent 352
- Pppoe intermediate agent configuration task 353
- Pppoe intermediate agent typical application 354
- Captive portal authentication 356
- Captive portal authentication configuration 356
- Pppoe intermediate agent troubleshooting 356
- Captive portal authentication configuration 357
- Captive portal authentication examples 360
- Accounting function configuration 362
- Accounting function examples 363
- Accounting function troubleshooting 364
- Switch 364
- Switch1 364
- Free resource configuration 365
- Authentication 366
- Automatic page pushing after successful 366
- Authentication configuration 367
- Authentication example 367
- Automatic page pushing after successful 367
- Authentication troubleshooting 368
- Automatic page pushing after successful 368
- Introduction to qos 369
- Qos implementation 370
- Basic qos model 371
- Action will cover set int prio of the unrelated action with the color 374
- Action with the color 374
- Figure 6 39 policing and remarking process 374
- Note 1 int prio will be covered with the after setting set int prio of the specific color 374
- Note 2 drop the internal priority of the packets according to intp to intp map source int 374
- Prio means to the obtainable int prio in classification flow or int prio set by the unrelated 374
- Algorith 375
- And dscp value according to pass through cos pass through dscp 375
- Configure class map 375
- Figure 6 40 queuing and scheduling process 375
- Internal priority and then forward the packets according to the priority queue weight and 375
- Note 1 the ingress configures pass through cos pass through dscp to forbid the 375
- Qos configuration task list 375
- Queue management 375
- Queuing and scheduling there are the internal priority for the egress packets the 375
- Rewrite of l2 cos priority and dscp value at the egress obtain l2 cos priority and dscp 375
- Scheduling operation assigns the packets to different priority queues according to the 375
- The drop precedence the following flowchart describes the scheduling operation 375
- Value according to the final int prio of the packets decide whether rewrite l2 cos priority 375
- Qos example 380
- Flow based redirection 383
- Introduction to flow based redirection 383
- Qos troubleshooting 383
- Flow based redirection configuration task 384
- Sequence 384
- Flow based redirection examples 385
- Flow based redirection troubleshooting help 385
- Egress qos 386
- Introduction to egress qos 386
- Drop different color 387
- Dual color or dual 387
- Ingress egress 387
- Packets 387
- Policy 387
- Policy of egress 387
- Sort packet traffic according to the 387
- Tos cos fields 387
- Egress qos configuration 388
- Command resotores the default 391
- Configuration 391
- Set egress cos mapping no 391
- Egress qos examples 392
- Egress qos troubleshooting help 394
- Flexible qinq 394
- Introduction to flexible qinq 394
- Flexible qinq configuration task list 395
- Flexible qinq example 397
- Flexible qinq troubleshooting 399
- Chapter 7 reliability configuration 400
- Introduction to mstp 400
- Operations between mst regions 401
- Operations within an mstp region 401
- Mstp configuration task list 402
- Mstp load balance 402
- Port roles 402
- Mstp example 407
- Mstp troubleshooting 411
- Introduction to mrpp 412
- Mrpp protocol packet types 413
- Mrpp protocol operation system 414
- Mrpp configuration task list 415
- Mrpp typical scenario 416
- Introduction to ulpp 419
- Mrpp troubleshooting 419
- Ulpp configuration task list 421
- Ulpp typical example1 423
- Ulpp typical examples 423
- Ulpp typical example2 425
- Introduction to ulsm 427
- Ulpp troubleshooting 427
- Ulsm configuration task list 428
- Ulsm typical example 429
- Introduction to erps 431
- Ulsm troubleshooting 431
- Erps function 432
- Erps terminology 432
- Failure recovery 433
- Fault switchover 433
- Interconnection ring model 436
- Erps application 437
- Erps configuration 438
- Erps examples 440
- Erps troubleshooting 446
- Chapter 8 debugging and diagnosis 448
- Configuration 448
- Monitor and debug 448
- Traceroute 448
- Traceroute6 449
- Introduce to reload switch after specifid time 451
- Logging 451
- Reload switch after specifid time task list 451
- Reload switch after specified time 451
- And sent by cpu 452
- And sent by cpu task list 452
- Debugging and diagnosis for packets received 452
- Introduction to debugging and diagnosis for 452
- Packets received and sent by cpu 452
- Copp configuration 453
- Introduction to copp 453
- Copp configuration examples 456
- Copp configuration troubleshooting 457
- Priority 459
- Source information format 459
- Timestamp 460
- System information configure sequence 461
- The content indicates the specific contents of the 461
- Instructions 464
- Logbuffer output log 465
- Loghost output log 465
- Trapbuffer output log 465
- Delete logs recorded by logbuffer or trapbuffer 466
- Logfile output log 466
- Record user operation commands 466
- Erratum 467
- Introduction to mirror 468
- Mirror 468
- Mirror configuration task list 468
- Device mirror troubleshooting 469
- Mirror examples 469
- Introduction to rspan 470
- Rspan configuration task list 472
- Typical examples of rspan 473
- Introduction to sflow 477
- Rspan troubleshooting 477
- Sflow configuration task list 478
- Sflow examples 479
- Sflow troubleshooting 480
- Chapter 9 network time management 481
- Configuration 481
- Introduction to sntp 481
- Typical examples of sntp configuration 482
- Introduction to ntp function 483
- Ntp function configuration task list 483
- Typical examples of ntp function 486
- Dnsv4 v6 487
- Introduction to dns 487
- Ntp function troubleshooting 487
- Dnsv4 v6 configuration task list 489
- Typical examples of dns 491
- Dns troubleshooting 492
- Recorded message to the technical service center of our company 493
- Examples of summer time 494
- Introduction to summer time 494
- Summer time 494
- Summer time configuration task sequence 494
- Summer time troubleshooting 495
- Chapter 10 virtualization configuration 496
- Basic concept 498
- Glossary 499
- Lacp mad 500
- Vsf typical application 500
- Bfd mad 501
- Relevant vsf configuration 502
- Lacp mad configuration 504
- Bfd mad configuration 505
- Typical vsf example 506
- Vsf troubleshooting 509
- Chapter 11 ipv6 configuration 511
- Dhcpv6 511
- Introduction to dhcpv6 511
- Dhcpv6 server configuration 512
- Dhcpv6 prefix delegation server configuration 514
- Dhcpv6 relay delegation configuration 514
- Dhcpv6 prefix delegation client configuration 516
- Dhcpv6 configuration examples 517
- Dhcpv6 option37 38 521
- Dhcpv6 troubleshooting 521
- Introduction to dhcpv6 option37 38 521
- Dhcpv6 option37 38 configuration task list 522
- Dhcpv6 option37 38 examples 528
- Dhcpv6 relay option37 38 example 530
- Dhcpv6 option37 38 troubleshooting 531
- Overview 532
- Prevent nd spoofing 532
- Prevent nd spoofing configuration 532
- Black hole routing configuration exmaples 533
- Introduction to black hole routing 533
- Ipv6 black hole routing 533
- Ipv6 black hole routing configuration task 533
- Prevent nd spoofing example 533
- Black hole routing troubleshooting 534
- Ipv6 multicast protocol 535
- Mld configuration task list 536
- Mld typical application 537
- Mld troubleshooting help 538
- Mld snooping 539
- Mld snooping examples 541
- Mld snooping troubleshooting 544
- Introduction to ipv6 security ra 545
- Ipv6 security ra 545
- Ipv6 security ra configuration task sequence 545
- Ipv6 security ra troubleshooting help 546
- Ipv6 security ra typical examples 546
- Introduction to savi 547
- Savi configuration 547
- Savi typical application 551
- Advertisement function 552
- And nd trust functions aggregation switch3 enables dhcpv6 server function and route 552
- Client_1 and client_2 means two different user s pc installed ipv6 protocol 552
- Configuration steps of savi dhcp slaac scene 552
- Enable 552
- Ethernet1 0 2 are uplink ports of switch1 and switch2 respectively enable dhcp trust 552
- Respectively connect with port ethernet1 0 12 of switch1 and port ethernet1 0 13 of 552
- Switch1 config 552
- Switch1 config if ethernet1 0 1 ipv6 dhcp snooping trust 552
- Switch1 config if ethernet1 0 1 ipv6 nd snooping trust 552
- Switch1 config interface ethernet1 0 1 552
- Switch1 config savi check binding probe mode 552
- Switch1 config savi enable 552
- Switch1 config savi ipv6 dhcp slaac enable 552
- Switch2 and enable the source address check function of savi ethernet1 0 1 and 552
- Savi troubleshooting 553
Похожие устройства
- SNR S2200G-8T-POE Техническое Описание
- SNR S2200G-8T-POE Руководство по Настройке
- SNR S2965-8T-RPS Техническое Описание
- SNR S2965-8T-RPS Руководство по настройке
- SNR S2995G-48TX-POE Руководство по Настройке
- SNR S2995G-48TX-POE Техническое Описание
- SNR S5210G-24TX Техническое Описание
- SNR S5210G-24TX Руководство администратора
- SNR S5210G-24TX Руководство по эксплуатации
- SNR S5210G-24TX-UPS-R Техническое Описание
- SNR S5210G-24TX-UPS-R Руководство администратора
- SNR S5210G-24TX-UPS-R Руководство по эксплуатации
- SNR S5210X-8F Техническое Описание
- SNR S5210X-8F Руководство администратора
- SNR S5210X-8F Руководство по эксплуатации
- SNR S2982G-24TE-UPS Техническое Описание
- SNR S2982G-24TE-UPS Руководство по настройке
- SNR S5210G-24TX-UPS Техническое Описание
- SNR S5210G-24TX-UPS Руководство администратора
- SNR S5210G-24TX-UPS Руководство по эксплуатации