Enterasys C5G124-24 - Configuring IEEE 802.1 x

Enterasys C5G124-24

452 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Configuring Authentication

10-14 Configuring User Authentication

Configuring IEEE 802.1x

Configuring IEEE 802.1x on an authenticator switch port consists of:

• Setting the authentication mode globally and per port

• Configuring optional authentication port parameters globally and per port

• Globally enabling 802.1x authentication for the switch

Procedure 10-1 describes how to configure IEEE 802.1x on an authenticator switch port.

Unspecified parameters use their default values.

realm Specifies authentication server

configuration scope.

Both: management-access and

network-access.

VLAN authorization

status

Enables or disables globally and per

port VLAN authorization.

Globally: Disabled.

Per Port: Enabled.

VLAN authorization

egress format

Determines whether dynamic VLAN

tagging will be none, tagged,

untagged, or dynamic for an egress

frame.

Untagged.

Table 10-1 Default Authentication Parameters (continued)

Parameter Description Default Value

Procedure 10-1 IEEE 802.1x Configuration

Step Task Command(s)

1. Set the IEEE 802.1x authentication mode both

globally and per port:

• Auto - The switch will only forward

authenticated frames.

• Forced-auth - 802.1x authentication is

effectively disabled for this port. All received

frames are forwarded.

• Forced-unauth - 802.1x authentication is

effectively disabled on the port. If 802.1x is

the only authentication method on the port, all

frames are dropped.

Note: Before enabling 802.1x authentication on

the switch, you must set the authentication

mode of ports that will not be participating in

802.1x authentication to forced-authorized to

assure that frames will be forwarded on these

ports. Examples of this kind of port are

connections between switches and connections

between a switch and a router.

The setting of dot1x options other than

authcontrolled-portcontrol are optional.

set dot1x auth-config

{[authcontrolled-portcontrol {auto |

forced-auth | forced-unauth}] [maxreq

value] [quietperiod value] [reauthenabled

{false | true}] [reauthperiod value]

[servertimeout timeout] [supptimeout

timeout] [txperiod value]} [port-string]

Table of Contents

Other manuals for Enterasys C5G124-24

Quick Reference2 pages

Related product manuals

Preview: Enterasys C3G124-24

Enterasys C3G124-24

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Preview: SecureStack C2 C2G124-24

SecureStack C2 C2G124-24

Preview: SecureStack C2 C2G170-24

SecureStack C2 C2G170-24

Preview: SecureStack C2 C2G124-48P

SecureStack C2 C2G124-48P

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Preview: Enterasys 08H20G4-24

Enterasys 08H20G4-24

Preview: Enterasys B5G124-24P2

Enterasys B5G124-24P2

Enterasys 08G20G4-48P

Preview: Enterasys Matrix 2G4072-52

Enterasys Matrix 2G4072-52

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24

Preview: SecureStack A2 A2H124-24

SecureStack A2 A2H124-24