3.6. 用户验证-阿里云开发者社区

3.6. 用户验证

2018-01-09 1187

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介：

3.6.1. Telnet

local-user neo
 password simple chen
 service-type telnet

3.6.2. WEP

WEP 加密

			
<WA2220E-AG>system-view
System View: return to User View with Ctrl+Z.
[WA2220E-AG]interface WLAN-BSS2
[WA2220E-AG-WLAN-BSS2]wlan service-template 2 crypto
[WA2220E-AG-wlan-st-2]ssid www.example.com
[WA2220E-AG-wlan-st-2]authentication-method open-system
[WA2220E-AG-wlan-st-2]cipher-suite wep40
[WA2220E-AG-wlan-st-2]wep default-key 1 wep40 pass-phrase 123456
[WA2220E-AG-wlan-st-2]service-template enable

[WA2220E-AG]interface WLAN-Radio 1/0/2
[WA2220E-AG-WLAN-Radio1/0/2]service-template 2 interface WLAN-BSS 2
[WA2220E-AG-WLAN-Radio1/0/2]quit

interface WLAN-BSS2
wlan service-template 2 crypto
ssid www.example.com
authentication-method open-system
cipher-suite wep40
wep default-key 1 wep40 pass-phrase 12345
service-template enable

interface WLAN-Radio 1/0/2
service-template 2 interface WLAN-BSS 2

3.6.3. WAP2

wlan service-template 2 crypto
 ssid www.example.com
 cipher-suite ccmp
 security-ie rsn
 service-template enable


interface WLAN-BSS2
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase simple your_password

 interface WLAN-Radio1/0/2
 service-template 2 interface wlan-bss 2
#

3.6.4. WAP2 cipher

 wlan service-template 3 crypto
 ssid www.example.com
 cipher-suite ccmp
 security-ie rsn
 service-template enable

interface WLAN-BSS3
 port link-type hybrid
 port hybrid vlan 1 untagged
 port-security port-mode psk
 port-security tx-key-type 11key
 port-security preshared-key pass-phrase cipher wrWR2LZofLw4qvbcs+daVw==
#
interface WLAN-Radio1/0/2
 service-template 3 interface wlan-bss 3
#

3.6.5. Mac

配置radius scheme：
radius scheme mac-radius
primary authentication 192.168.30.3
primary accounting 192.168.30.3
secondary authentication 192.168.30.4
secondary accounting 192.168.30.4
key authentication 123456
key accounting 123456
user-name-format without-domain

2、配置MAC认证的域：
domain mac-dom
authentication default radius-scheme mac-radius
authorization default radius-scheme mac-radius
accounting default radius-scheme mac-radius
access-limit disable
state active
idle-cut disable
self-service-url disable

3、配置全局MAC认证：
port-security enable
mac-authentication domain mac-dom

4、开启无线端口的MAC认证
[AP01]  int WLAN-BSS 1
[AP01-WLAN-BSS1]   port-security port-mode mac-authentication
[AP01]  int WLAN-BSS 2
[AP01-WLAN-BSS2]   port-security port-mode mac-authentication

原文出处：Netkiller 系列手札
本文作者：陈景峯
转载请与作者联系，同时请务必标明文章原始出处和作者信息及本声明。

3.6. 用户验证

3.6.1. Telnet

3.6.2. WEP

3.6.3. WAP2

3.6.4. WAP2 cipher

3.6.5. Mac

热门文章

最新文章

相关电子书

相关实验场景