262 CHAPTER 11: 802.1X CONFIGURATION
Enabling/Disabling
802.1x
The following command can be used to enable/disable the 802.1x on the specified
port or globally. When it is used in System View ,if the parameter
interface-list
is not specified, 802.1x will be globally enabled. If the parameter
interface-list
is specified, 802.1x will be enabled on the specified port. When this command is
used in Ethernet port view, the parameter
interface-list
cannot be input and
802.1x can only be enabled on the current port..
Perform the following configurations in System View or Ethernet Port View.
Table 284 Enabling/Disabling 802.1x
You can configure 802.1x on an individual port before it is enabled globally. The
configuration will take effect after 802.1x is enabled globally.
By default, 802.1x authentication has not been enabled globally and on any port.
Setting the Port Access
Control Mode
The following commands can be used for setting 802.1x access control mode on
the specified port. When no port is specified, the access control mode of all ports
is configured.
Perform the following configurations in System View or Ethernet Port View.
Table 285 Setting the Port Access Control Mode.
By default, the mode of 802.1x performing access control on the port is auto
(automatic identification mode, which is also called protocol control mode). That
is, the initial state of the port is unauthorized. It only permits EAPoL packets
receiving/transmitting and does not permit the user to access the network
resources. If the authentication flow is passed, the port will be switched to the
authorized state and permit the user to access the network resources. This is the
most common case.
Setting the Port Access
Control Method
The following commands are used for setting 802.1x access control method on
the specified port. When no port is specified in System View, the access control
method of the port is configured globally.
Perform the following configurations in System View or Ethernet Port View.
Table 286 Setting the Port Access Control Method
Operation Command
Enable the 802.1x dot1x [ interface
interface_list
]
Disable the 802.1x undo dot1x [ interface
interface_list
]
Operation Command
Set the port access control
mode.
dot1x port-control { authorized-force |
unauthorized-force | auto } [ interface
interface_list
]
Restore the default access
control mode of the port.
undo dot1x port-control [ interface
interface_list
]
Operation Command
Set port access control
method
dot1x port-method { macbased | portbased } [
interface
interface_list
]
To Next Page