!HammerOS system config file
hostname u24
!Syslog config
!Stack config
!Port config
config port 1 learning disable ;;;/*设备开启802.1x后将自动关闭端口的地址学习功能*/
config port 2 learning disable
config port 3 learning disable
config port 4 learning disable
config port 5 learning disable
config port 6 learning disable
config port 7 learning disable
config port 8 learning disable
config port 9 learning disable
config port 10 learning disable
config port 11 learning disable
config port 12 learning disable
config port 13 learning disable
config port 14 learning disable;;;
config port 15 learning disable
config port 16 learning disable
config port 17 learning disable
config port 18 learning disable
config port 19 learning disable
config port 20 learning disable
config port 21 learning disable
config port 22 learning disable
config port 23 learning disable
config port 24 learning disable
!Vlan config
config ipaddress 192.168.2.254 255.255.255.0 /*设置设备的治理IP地址*/
!Arp config
!STPD config
!FDB entry config
create fdbentry 00053b8015ed port 24;;;/*在24端口静态设置上联三层设备的MAC地址*/
!Igmp snooping config
!Mirroring config
!Traceroute config
!Sntp config
!Timezone config
!Rstp config
!Dot1x config
config dot1x enable;/*开启802.1x认证功能*/
config port 1 dot1x port-control-mode port-based; /*设定1-23端口打开认证,认证模式为
config port 2 dot1x port-control-mode port-based基于端口认证 */
config port 3 dot1x port-control-mode port-based
config port 4 dot1x port-control-mode port-based
config port 5 dot1x port-control-mode port-based
config port 6 dot1x port-control-mode port-based
config port 7 dot1x port-control-mode port-based
config port 8 dot1x port-control-mode port-based
config port 9 dot1x port-control-mode port-based
config port 10 dot1x port-control-mode port-based
config port 11 dot1x port-control-mode port-based
config port 12 dot1x port-control-mode port-based
config port 13 dot1x port-control-mode port-based
config port 14 dot1x port-control-mode port-based
config port 15 dot1x port-control-mode port-based
config port 16 dot1x port-control-mode port-based
config port 17 dot1x port-control-mode port-based
config port 18 dot1x port-control-mode port-based
config port 19 dot1x port-control-mode port-based
config port 20 dot1x port-control-mode port-based
config port 21 dot1x port-control-mode port-based
config port 22 dot1x port-control-mode port-based
config port 23 dot1x port-control-mode port-based
config port 24 dot1x authcontrolledportcontrol forceunauth /*24口作为上联口不认证*/
config dot1x keepalive enable
!Port bind config
!RADIUS client config
radius authentication add-server id 0 server-ip 192.168.110.252 client-ip 192.168.2.254 udp-port 1812; /*设定认证服务器为192.168.110.252,使用UDP端口1812*/
radius authentication config-server id 0 shared-secret 123456
/*设定认证服务器交换信息密码123456 */
radius accounting add-server id 0 server-ip 192.168.110.252 client-ip 192.168.2.254 udp-port 1813
/*设定计费服务器为192.68.110.252,使用UDP端口1813*/
radius accounting config-server id 0 shared-secret 123456
/*设定计费服务器交换信息的密码为123456*/
radius authentication enable/*开启认证服务器*/
radius accounting enable;;/*开启计费服务器*/
config isp-domain default authentication type pap /*设定与认证服务器的加密方式为PAP*/
config isp-domain default authentication config-server id 0 type primary
config isp-domain default accounting config-server id 0 type primary
!Loop detect config
!Dot1p config
!BroadcastLimit config
!Bandwidth config
!User manage config
!SNMP config
!Web manage service config
!IP route config
ip route 0.0.0.0 0.0.0.0 192.168.2.254;;/*指定治理地址的网关*/
!H.Link config
!Network Access-control service config
!lldp config
!!End of config
