C613-50631-01 Rev A Command Reference for IE340 Series 2225
AlliedWare Plus™ Operating System - Version 5.5.3-0.x
AUTHENTICATION COMMANDS
AUTH
HOST-MODE
auth host-mode
Overview Use this command to select the host mode on the specified interface.
Use the no variant of this command to set host mode to the default setting (single
host).
Syntax
auth host-mode
{host-plus-voice|single-host|multi-host|multi-supplicant}
no auth host-mode
Default The default host mode for port authentication is for a single host.
Mode Interface Configuration for a static channel, a dynamic (LACP) channel group, or a
switch port; or Authentication Profile mode.
Usage notes Single-host mode
With this mode, only one supplicant may be authenticated on the port. Once that
host has been authenticated, no other supplicants may be authenticated until the
first supplicant’s session has closed. This means, of course, that none of the other
hosts downstream of the port will be able to send or receive traffic on that port.
This option is recommended when you know that there should only be one host
connected to a port. By limiting the port to a single authenticated host, you guard
against the consequences of someone accidentally or maliciously connecting a
downstream switch to the port.
Multi-host mode
With this mode, once the first host has been authenticated on the port, all other
downstream hosts are allowed without being authenticated. This is sometimes
known as piggy-back mode. It is useful when the downstream switch attached to
Parameter Description
host-plus-voice In this mode, only one voice device (IP phone) and one host
device can join the network. You use the RADIUS attribute
‘Cisco-AVPair device-traffic-class=voice’ to identify the IP
phone. For more information and a step-by-step
configuration example, see the “Limit the number of
supplicants when connecting via an IP phone” section of the
AAA and Port Authentication Feature Overview and
Configuration Guide.
single-host In this mode, only one supplicant is allowed per port. This is
the default mode.
multi-host In this mode, once the first host on a port is authenticated, all
other downstream hosts are allowed without being
authenticated (piggy-back mode).
multi-supplicant In this mode, multiple separate supplicants are individually
authenticated on one port.
To Next Page
Loading...
Need help?
General
