3com:router:radius_configuration:configuration_example_script
# version 5.20, Release 2306 # sysname H3C.WIFI # clock timezone Bogota minus 05:00:00 # super password level 1 simple 1234567890 super password level 2 simple 1234567890 super password level 3 simple 1234567890 super authentication-mode local scheme # domain default enable system # telnet server enable # port-security enable # dot1x authentication-method eap # wlan country-code CO # wlan auto-ap enable vlan 1 description Default # vlan 6 description Wifi # vlan 100 description ILO # vlan 150 description VOIP # vlan 500 description DMZ # vlan 501 description INTERNET1 # vlan 502 description INTERNET2 # vlan 503 description GUEST # vlan 504 description WIFI # vlan 505 description LOCATION_1 # vlan 506 description LOCATION_2 # vlan 507 description LOCATION_3 # vlan 508 description LOCATION_4 # vlan 509 description LOCATION_5 # vlan 510 description LOCATION_6 # vlan 511 description LOCATION_7 # vlan 512 description LOCATION_8 # radius scheme itradius server-type extended primary authentication 172.16.140.2 primary accounting 172.16.140.2 key authentication simple itclatam key accounting simple itclatam # domain homi authentication lan-access radius-scheme itradius authorization lan-access radius-scheme itradius accounting lan-access radius-scheme itradius access-limit disable state active idle-cut disable self-service-url disable domain system access-limit disable state active idle-cut disable self-service-url disable # user-group system group-attribute allow-guest # local-user admin password simple 1234567890 bind-attribute vlan 1 authorization-attribute level 3 service-type lan-access service-type ssh telnet terminal service-type portal service-type web local-user manager password simple 1234567890 bind-attribute vlan 1 authorization-attribute level 3 service-type lan-access service-type ssh telnet terminal service-type portal service-type web wlan rrm dot11a mandatory-rate 6 12 24 dot11a supported-rate 9 18 36 48 54 dot11b mandatory-rate 1 2 dot11b supported-rate 5.5 11 dot11g mandatory-rate 1 2 5.5 11 dot11g supported-rate 6 9 12 18 24 36 48 54 # wlan radio-policy 1025 # wlan radio-policy 1026 # wlan radio-policy 1281 # wlan radio-policy 1282 # wlan radio-policy 1537 # wlan radio-policy 1538 # wlan radio-policy 1793 # wlan radio-policy 1794 # wlan radio-policy 257 # wlan radio-policy 258 # wlan radio-policy 513 # wlan radio-policy 514 # wlan radio-policy 769 # wlan radio-policy 770 # wlan service-template 1 crypto ssid HomiRed bind WLAN-ESS 0 authentication-method shared-key cipher-suite wep104 cipher-suite tkip cipher-suite ccmp security-ie rsn security-ie wpa wep default-key 1 wep128 pass-phrase cipher NK'MS5];WI+R9C#B\=2U(A!! wep default-key 2 wep104 pass-phrase cipher NK'MS5];WI*$a*Y3QTWH/1!! wep key-id 2 service-template enable # wlan service-template 2 crypto ssid HomiMoviles bind WLAN-ESS 1 authentication-method shared-key cipher-suite wep104 cipher-suite tkip security-ie wpa wep default-key 1 wep104 pass-phrase cipher 4IZ.S1].2`P,MBaOC%\#,!!! wep default-key 2 wep104 pass-phrase cipher NK'MS5];WI*$a*Y3QTWH/1!! wep default-key 3 wep104 pass-phrase cipher ;*W%WZ=>0F$D8.ES!4aJ*A!! wep default-key 4 wep104 pass-phrase cipher ;*W%WZ=>0F$D8.ES!4aJ*A!! wep key-id 4 service-template enable # wlan service-template 3 clear ssid Invitados bind WLAN-ESS 2 service-template enable wlan service-template 4 crypto ssid HOMI-R bind WLAN-ESS 3 cipher-suite tkip cipher-suite ccmp security-ie rsn service-template enable # interface NULL0 # interface Vlan-interface1 ip address 172.16.0.31 255.255.240.0 # interface Vlan-interface504 ip address 172.16.104.2 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type trunk port trunk permit vlan all # interface GigabitEthernet1/0/2 port link-type trunk port trunk permit vlan all shutdown # interface Ten-GigabitEthernet1/0/3 port link-type trunk port trunk permit vlan all shutdown # interface WLAN-ESS0 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 504 untagged port hybrid pvid vlan 504 port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher HS/Q2CWhss/lbAXvDyWiFA== # interface WLAN-ESS1 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 504 untagged port hybrid pvid vlan 504 port-security port-mode psk port-security tx-key-type 11key port-security preshared-key pass-phrase cipher zk54tEmXhJH+Yty02PlHlQ== # interface WLAN-ESS2 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 503 untagged port hybrid pvid vlan 503 # interface WLAN-ESS3 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 504 untagged port hybrid pvid vlan 504 port-security port-mode userlogin-secure-ext port-security tx-key-type 11key undo dot1x handshake dot1x mandatory-domain homi undo dot1x multicast-trigger # wlan ap ap_01_informatica model WA2620-AGN id 1 serial-id 219801A0AA9119G01390 radio 1 radio-policy 257 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 258 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_02 model WA2620-AGN id 2 serial-id 219801A0AA9119G01383 radio 1 radio-policy 513 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 514 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_03 model WA2620-AGN id 3 serial-id 219801A0AA9119G01406 radio 1 radio-policy 769 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 770 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_04 model WA2620-AGN id 4 serial-id 219801A0AA9119G01478 radio 1 radio-policy 1025 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 1026 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_05 model WA2620-AGN id 5 serial-id 219801A0AA9119G01392 radio 1 radio-policy 1281 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 1282 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_06 model WA2620-AGN id 6 serial-id 219801A0AA9119G00804 radio 1 radio-policy 1537 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 1538 service-template 1 service-template 2 service-template 3 service-template 4 radio enable # wlan ap ap_07 model WA2620-AGN id 7 serial-id 219801A0AA9119G00823 radio 1 radio-policy 1793 service-template 1 service-template 2 service-template 3 service-template 4 radio enable radio 2 radio-policy 1794 service-template 1 service-template 2 service-template 3 service-template 4 radio enable ip route-static 0.0.0.0 0.0.0.0 Vlan-interface1 172.16.0.1 preference 1 # undo info-center logfile enable # ntp-service unicast-server 172.16.0.13 # load xml-configuration # user-interface con 0 user-interface vty 0 4 authentication-mode scheme user privilege level 3 # return <H3C.WIFI>
— David Gonzalez 2021/04/13 11:20
3com/router/radius_configuration/configuration_example_script.txt · Last modified: 2021/04/13 11:29 by dgonzalez