172 MES3000 Ethernet switch series
console(config)#
Table 5.200 —Global configuration mode commands
dot1x system-auth-control
Enable IEEE 802.1X authentication mode on the switch.
no dot1x
systemauthcontrol
Disable IEEE 802.1X authentication mode on the switch.
aaa authentication dot1x
default {none | radius}
[none | radius]
Specify one or two authentication, authorization and accounting
methods for utilization on IEEE 802.1X interfaces.
- none—do not perform the authentication
- radius—use RADIUS server list for user authentication
The second authentication method is used only when the
first authentication method has failed.
no aaa authentication
dot1x default
Restore the default value.
Ethernet interface configuration mode commands
Command line request in Ethernet interface configuration mode appears as follows:
console(config-if)#
EAP (Extensible Authentication Protocol) performs remote client authentication tasks, and
defines the authentication method.
Table 5.201 —Ethernet interface configuration mode commands
dot1x port-control {auto |
force-authorized |
forceunauthorized}
[timerange time]
-/ force-authorized
time: (1 .. 32)
Configure IEEE 802.1X authentication on the interface. Enable the
manual monitoring of the port authorization state.
- auto—use IEEE 802.1X for changing client state from authorized to
unauthorized and visa versa
- force-authorized—disable IEEE 802.1X authentication on the
interface. Port will enter the authorized state without
authentication.
- force-unauthorized—transfer the port into unauthorized state All
client authentication attempts are ignored, the switch will not
provide the authentication service for this port
- time—time interval. If this parameter is not defined, the port will
not be authorized.
Restore the default value.
-/ recurring authentication
checks are disabled
Enable recurring client authentication checks (re-authentication).
no dot1x reauthentication
Disable recurring client authentication checks (re-authentication).
dot1x timeout reauth-
period period
300..4294967295/
3600 seconds
Specify the period between the recurring authentication checks.
no dot1x timeout reauth-
period
Restore the default value.
dot1x timeout quiet-period
period
Specify the period during which the switch will remain in the silent
state after unsuccessful authentication.
During this period, the switch will not accept or initiate any
authentication messages.
no dot1x timeout quiet-
period
Restore the default value.
dot1x timeout tx-period
period
Specify the period, during which the switch will wait for the
response to the request or EAP identification from the client before
re-sending the request.
no dot1x timeout tx-period
Restore the default value.
Specify the maximum number of attempts for protocol request
transfer to EAP client before the new authentication process
execution.
To Next Page
Loading...
Need help?
General
