Chapter 7
| Authentication Commands
802.1X Port Authentication
– 240 –
802.1X Port Authentication
The switch supports IEEE 802.1X (dot1x) port-based access control that prevents
unauthorized access to the network by requiring users to first submit credentials
for authentication. Client authentication is controlled centrally by a RADIUS server
using EAP (Extensible Authentication Protocol).
Table 46: 802.1X Port Authentication Commands
Command Function Mode
General Commands
dot1x default Resets all dot1x parameters to their default values GC
dot1x eapol-pass-through Passes EAPOL frames to all ports in STP forwarding state
when dot1x is globally disabled
GC
dot1x system-auth-control Enables dot1x globally on the switch. GC
Authenticator Commands
dot1x intrusion-action Sets the port response to intrusion when authentication
fails
IC
dot1x max-reauth-req Sets the maximum number of times that the switch sends
an EAP-request/identity frame to the client before
restarting the authentication process
IC
dot1x max-req Sets the maximum number of times that the switch
retransmits an EAP request/identity packet to the client
before it times out the authentication session
IC
dot1x operation-mode Allows single or multiple hosts on an dot1x port IC
dot1x port-control Sets dot1x mode for a port interface IC
dot1x re-authentication Enables re-authentication for all ports IC
dot1x timeout quiet-period Sets the time that a switch port waits after the Max Request
Count has been exceeded before attempting to acquire a
new client
IC
dot1x timeout re-authperiod Sets the time period after which a connected client must
be re-authenticated
IC
dot1x timeout supp-timeout Sets the interval for a supplicant to respond IC
dot1x timeout tx-period Sets the time period during an authentication session that
the switch waits before re-transmitting an EAP packet
IC
dot1x re-authenticate Forces re-authentication on specific ports PE
Information Display Commands
show dot1x Shows all dot1x related information PE
To Next Page
Loading...
