802.1X Commands
OmniSwitch 6250 CLI Reference Guide November 2009 page 44-9
802.1x supplicant policy authentication
Configures a supplicant device classification policy for an 802.1x port. This type of policy uses 802.1x
authentication via a remote RADIUS server. A supplicant is any device that uses the 802.1x protocol for
authentication.
802.1x slot/port supplicant policy authentication [[pass] {group-mobility | vlan vid | default-vlan |
block | captive-portal}...] [[fail] {vlan vid | block | captive-portal}...]
Syntax Definitions
slot/port The slot and port number of the 802.1x port.
pass Indicates which policies to apply if 802.1x authentication is successful
but does not return a VLAN ID.
fail Indicates which policies to apply if 802.1x authentication fails or if
successful authentication returns a VLAN ID that does not exist.
group-mobility Use Group Mobility rules for device classification.
vlan vid Use this VLAN ID number for device classification.
default-vlan Assigns supplicant to the default VLAN for the 802.1x port.
block Blocks supplicant access on the 802.1x port.
captive-portal Use Captive Portal for web-based device classification.
Defaults
When 802.1x is enabled on the port, a default supplicant policy is defined for the port. This policy uses the
group-mobility and default-vlan parameters for the pass case and the block parameter for the fail case.
When the 802.1x supplicant policy authentication command is used without specifying any parameters,
the following values for the pass and fail case are configured by default:
Platforms Supported
OmniSwitch 6250
Usage Guidelines
• Supplicant device classification policies are applied only when successful 802.1x authentication does
not return a VLAN ID, returns a VLAN ID that does not exist, or authentication fails.
• When authentication does return a VLAN ID that exists in the switch configuration, the supplicant is
assigned to that VLAN and no further classification is performed.
parameter default
pass block
fail block
To Next Page
Loading...
