H3C交换机配置有线网802.1x认证

环境：
服务端：win2019下部署AD、Radius
设备型号：交换机为 H3C_s5130
用户端：使用win10系统自带802.1x认证客户端

```shell
<SW-H3c_5130>dis cu
#
 version 7.1.070, Release 6318P01
#
 sysname SW-H3c_5130
#
#
 dot1x
 dot1x authentication-method eap
#

#
interface Vlan-interface6
 ip address 192.168.6.254 255.255.255.0
#
#### 端口开启认证，连接待认证计算机
interface GigabitEthernet6/0/1
 port access vlan 6
 dot1x
 undo dot1x handshake
 dot1x mandatory-domain dot1x
#
#### 连接radius服务器
interface GigabitEthernet6/0/14
 port access vlan 6
#

#
 scheduler logfile size 16
#
line class aux
 user-role network-admin
#
line class vty
 user-role network-operator
#
line aux 5
 user-role network-admin
#
line vty 0 4
 authentication-mode scheme
 user-role network-operator
 protocol inbound ssh
#
line vty 5 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 10.1.4.254
#
 ssh server enable
#
#
#### 配置radius服务器地址为192.168.6.46
radius scheme dot1x
 primary authentication 192.168.6.46
 key authentication cipher $c$3$paxK0cf+V+Bz+ZrnaVrkxV0z4gKOQMc0cM3F5coT
#
radius scheme system
 user-name-format without-domain
#
domain dot1x
 authentication lan-access radius-scheme dot1x
 authorization lan-access none
 accounting lan-access none
#

#
local-user admin class manage
 password hash ***
 service-type https ssh terminal
 authorization-attribute user-role level-13
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
return

```
注：
dot1x authentication-method eap  /*默认是chap认证，当时在客户的环境中使用的是默认的chap认证，但是802.1x不通过，改成eap认证就好了*/ [参考](https://blog.csdn.net/weixin_34067102/article/details/91544260 "参考")

参考：
[Windows server 2019部署AD域](https://blog.51cto.com/u_15174261/2743217 "Windows server 2019部署AD域")  网页备份[.mhtml](/media/attachment/2021/12/Windows_server_2019部署AD域图文_wujiang990614_51CTO博客.mhtml)

[WindowsServer2019搭建Radius服务器，华为AC配置Radius认证](https://www.isolves.com/it/wlyx/fwq/2021-09-07/43692.html "WindowsServer2019搭建Radius服务器，华为AC配置Radius认证")   网页备份 [.mhtml](/media/attachment/2021/12/WindowsServer2019搭建Radius服务器华为AC配置Radius认证-简易百科.mhtml)

[通过Windows NPS，配置有线802.1x认证](https://blog.csdn.net/a371933136/article/details/118103430 "通过Windows NPS，配置有线802.1x认证")  网页备份 [.mhtml](/media/attachment/2021/12/20条消息_通过Windows_NPS配置有线802.1x认证_夜邢的博客-CSDN博客.mhtml)

微软官方文档
[配置 RADIUS 服务器](https://docs.microsoft.com/zh-cn/windows-server/networking/technologies/nps/nps-top#configure-radius-server "配置 RADIUS 服务器")
[配置 RADIUS 客户端](https://docs.microsoft.com/zh-cn/windows-server/networking/technologies/nps/nps-radius-clients-configure "配置 RADIUS 客户端")
[配置网络策略](https://docs.microsoft.com/zh-cn/windows-server/networking/technologies/nps/nps-np-configure "配置网络策略")