H3C交换机配置有线网802.1x认证

环境：
服务端：win2019下部署AD、Radius
设备型号：交换机为 H3C_s5130
用户端：使用win10系统自带802.1x认证客户端

<SW-H3c_5130>dis cu
#
 version 7.1.070, Release 6318P01
#
 sysname SW-H3c_5130
#
#
 dot1x
 dot1x authentication-method eap
#
#
interface Vlan-interface6
 ip address 192.168.6.254 255.255.255.0
#
#### 端口开启认证，连接待认证计算机
interface GigabitEthernet6/0/1
 port access vlan 6
 dot1x
 undo dot1x handshake
 dot1x mandatory-domain dot1x
#
#### 连接radius服务器
interface GigabitEthernet6/0/14
 port access vlan 6
#
#
 scheduler logfile size 16
#
line class aux
 user-role network-admin
#
line class vty
 user-role network-operator
#
line aux 5
 user-role network-admin
#
line vty 0 4
 authentication-mode scheme
 user-role network-operator
 protocol inbound ssh
#
line vty 5 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 10.1.4.254
#
 ssh server enable
#
#
#### 配置radius服务器地址为192.168.6.46
radius scheme dot1x
 primary authentication 192.168.6.46
 key authentication cipher $c$3$paxK0cf+V+Bz+ZrnaVrkxV0z4gKOQMc0cM3F5coT
#
radius scheme system
 user-name-format without-domain
#
domain dot1x
 authentication lan-access radius-scheme dot1x
 authorization lan-access none
 accounting lan-access none
#
#
local-user admin class manage
 password hash ***
 service-type https ssh terminal
 authorization-attribute user-role level-13
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
return

注：
dot1x authentication-method eap /默认是chap认证，当时在客户的环境中使用的是默认的chap认证，但是802.1x不通过，改成eap认证就好了/ 参考

参考：
Windows server 2019部署AD域 网页备份.mhtml

WindowsServer2019搭建Radius服务器，华为AC配置Radius认证 网页备份 .mhtml

通过Windows NPS，配置有线802.1x认证 网页备份 .mhtml

微软官方文档
配置 RADIUS 服务器
配置 RADIUS 客户端
配置网络策略