1.配置名称
sysname FC-RX_5F-SW-01
2.配置NTP
clock protocol ntp
ntp-service enable
ntp-service unicast-server x.x.x.x
clock timezone beijing add 8
3.配置voice vlan
voice-vlan mac-address 6ca8-4900-0000 mask ffff-ff00-0000 description voice
4.802.1X配置
全局:
dot1x dot1x authentication-method eap dot1x ead-assistant enable dot1x ead-assistant free-ip 10.1.41.101 255.255.255.255
radius scheme 1 primary authentication 10.1.32.250 # radius scheme sangfor primary authentication 10.1.32.250 primary accounting 10.1.32.250 key authentication cipher $c$3$uSfwpZTL1JNqL30J0uQd1Ik3xxqUbUuR+JooXNxf key accounting cipher $c$3$5oydtBseZRrmer+AGfYbKJir6p7GwY1I6juMgbZ0 user-name-format without-domain nas-ip 10.1.160.13
端口:
interface GigabitEthernet1/0/1 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 140 tagged port hybrid vlan 130 untagged port hybrid pvid vlan 130 stp edged-port dot1x dot1x mandatory-domain sangfor dot1x port-method portbased
5.stp bpdu保护开启
stp bpdu-protection
6.配置与汇聚或核心互联
interface Ten-GigabitEthernet1/0/51 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface Ten-GigabitEthernet1/0/52 port link-type trunk port trunk permit vlan all port link-aggregation group 1 # interface Bridge-Aggregation1 port link-type trunk port trunk permit vlan all link-aggregation mode dynamic #
7.配置下联接入
pc vlan 130 voice vlan 140
interface GigabitEthernet1/0/1 port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 140 tagged port hybrid vlan 130 untagged port hybrid pvid vlan 130 stp edged-port #