Hello everyone!
Today, I would like to bring you a 802.1x authentication function comparison between Huawei's vs. Cisco.
Even though our intranet system is down, we still need protection and security!
In my scenario, a user with invalid username and password will be banned from entering the system!
Those with a valid username and password will be included in the intranet system with permission!
Prerequisites:
IP routing between Switch and Radius Server is normal
Radius authentication function working on Switch is normal
Let's work together on the CLI screen one by one!
Huawei command Cisco command
Globally enable 802.1x authentication function
<Quidway>system-view Cisco# configure terminal
Enter system view, return user view with Ctrl+Z.
[Quidway] dot1x Cisco(config)# dot1x system-auth-control
Specify the port connected to the client that is to be enabled for 802.1x authentication
[Quidway] interface GigabitEthernet1/0/1 Cisco(config)# interface GigabitEthernet1/0/1
[Quidway-aaa-accounting-default] accounting-mode radius
Configuration complete
Now we save our configuration.
Huawei command Cisco command
[Quidway-aaa-accounting-default]quit Cisco(config)#exit
[Quidway-aaa] quit Cisco#write-memory
[Quidway] quit Cisco#end
<Quidway>save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Now saving the current configuration to the slot 0...
Save the configuration successfully.
<Quidway>
that's it!
Thanks!
