Configuring Access Guardian Configuring Port-Based Network Access Control
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-39
unp 802.1x-authentication bypass-
8021x
Configures whether to bypass 802.1X authentication on the port.
See “Configuring 802.1X Authentication Bypass” on page 28-44.
unp 802.1x-authentication failure-
policy
Configures whether to attempt MAC authentication if 802.1X
authentication fails or let the port configuration classify the device.
unp 802.1x-authentication tx-
period
Configures the re-transmission time interval for UNP ports on
which 802.1X authentication is enabled.
unp 802.1x-authentication supp-
timeout
Configures the amount of time the switch will wait before timing
out an 802.1X user attempting to authenticate through the port.
unp 802.1x-authentication max-
req
Configures the maximum number of times the switch will transmit a
request for authentication information to an 802.1X user on the port.
unp mac-authentication allow-eap Configures whether to attempt 802.1X authentication after MAC
authentication passes or fails on a UNP port that has 802.1X bypass
enabled.
unp mac-authentication Configures the status of MAC authentication for the UNP port.
unp mac-authentication pass-
alternate
Assigns the name of an existing UNP as an alternate profile. If
successful MAC authentication does not return a UNP, the device
can be classified into this alternate profile.
unp classification Configures the status of rule-based classification for the UNP port.
When enabled, UNP classification rules are applied if device
authentication does not provide a UNP name for a device connected
to the port.
unp trust-tag Configures the option of whether to trust the VLAN ID of a tagged
packet to determine how the packet is classified. When enabled,
packets carrying a VLAN ID tag that matches a VLAN configured
on the switch are dynamically assigned to that VLAN.
unp default-profile Assigns the name of an existing UNP as the default profile for the
UNP port. If device authentication or classification does not provide
a UNP name for a user device, the device can be classified into the
default profile.
unp domain Assigns a UNP port to a numerical domain ID. All UNP ports
assigned to the same domain ID are considered members of a
logical domain group. See “Configuring UNP Port Domains” on
page 28-47.
unp aaa-profile Assigns the name of an existing AAA configuration profile to a
UNP port. The port-level AAA profile configuration overrides the
global AAA configuration for the switch. See “Using AAA
Configuration Profiles” on page 28-35.
unp port port-template Assigns the name of a custom port template to a UNP port. By
default, the “bridgeDefaultPortTemplate” template is assigned to
UNP bridge ports and the “accessDefaultPortTemplate” template is
assigned to UNP access ports. Use this command to assign a custom
port template that will override the default port template values. See
“Using UNP Port Templates” on page 28-41.
unp direction Configures whether egress broadcast, unknown unicast, or multicast
traffic is allowed on the UNP port.
To Next Page
Loading...
