MES1000, MES2000 Ethernet Switches 173
Table 5.199 —Global configuration mode commands
dot1x system-auth-control
Enable 802.1X authentication mode on the switch.
no dot1x
system-auth-control
Disable 802.1X authentication mode on the switch.
aaa authentication dot1x
default {none | radius}
[none | radius]
Specify one or two authentication, authorization and
accounting methods for utilization on IEEE 802.1X interfaces.
- none—do not perform the authentication
- radius—use RADIUS server list for user authentication
The second authentication method is used only when
the first authentication method has failed.
no aaa authentication
dot1x default
Restore the default value.
Ethernet interface configuration mode commands
Command line request in Ethernet interface configuration mode appears as follows:
console(config-if)#
EAP (Extensible Authentication Protocol) performs remote client authentication tasks, and
defines the authentication method.
Table 5.200 —Ethernet interface configuration mode commands
dot1x port-control
{auto | force-authorized |
force-unauthorized}
[time-range range_name]
-/ force-authorized
range_name: {1..32
symbols}
Configure 802.1X authentication on the interface. Enable the
manual monitoring of the port authorization state.
- auto—use 802.1X for changing client state from authorized
to unauthorized and visa versa
- force-authorized—disable 802.1X authentication on the
interface Port will enter the authorized state without
authentication.
- force-unauthorized—transfer the port into unauthorized
state All client authentication attempts are ignored, the switch
will not provide the authentication service for this port
- time—time interval If this parameter is not defined, the port
will not be authorized.
Restore the default value.
-/ recurring authentication
checks are disabled
Enable recurring client authentication checks (re-
authentication).
no dot1x reauthentication
Disable recurring client authentication checks (re-
authentication).
dot1x timeout reauth-
period period
30..4294967295/
3600 seconds
Specify the period between the recurring authentication
checks.
no dot1x timeout reauth-
period
Restore the default value.
dot1x timeout quiet-period
period
Specify the period, during which the switch will remain in the
silent state after unsuccessful authentication.
During this period, the switch will not accept or initiate any
authentication messages.
no dot1x timeout quiet-
period
Restore the default value.
dot1x timeout tx-period
period
Specify the period, during which the switch will wait for the
response to the request or EAP identification from the client
before re-sending the request.
no dot1x timeout tx-period
Restore the default value.
Specify the maximum number of attempts for protocol
request transfer to EAP client before the new authentication
process execution.
Restore the default value.
To Next Page
Loading...
Need help?
General
