Configuring Authentication
10-20 Configuring User Authentication
Displaying MultiAuth Configuration Information
MultiAuth authentication supports the display of system-wide MultiAuth authentication values,
MultiAuth authentication counters, port settings, end-user MAC addresses, session information,
idle timeout settings, session timeout settings, and trap settings.
Table 10-3 describes displaying of MultiAuth authentication settings and statistics.
Configuring VLAN Authorization
VLAN authorization allows for the dynamic assignment of users to the same VLAN. You
configure VLAN authorization attributes within RADIUS. On the switch you enable VLAN
authorization both globally and per-port. VLAN authorization is disabled globally by default.
VLAN authorization is enabled per port by default. You can also set the VLAN egress format
per-port. VLAN egress format defaults to untagged. VLAN egress format can be set as follows:
• none – No egress manipulation will be made.
• tagged – The authenticating port will be added to the current tagged egress for the VLAN-ID
returned.
• untagged – The authenticating port will be added to the current untagged egress for the
VLAN-ID returned.
Procedure 10-7 MultiAuth Authentication Timers Configuration
Step Task Command(s)
1. Optionally set the MultiAuth authentication idle
timeout value for the specified authentication
method.
set multiauth idle-timeout auth-method
timeout
2. Reset the MultiAuth authentication idle timeout
value to its default value for the specified
authentication method.
clear multiauth idle-timeout auth-method
3. Optionally set the maximum amount of time a
session can last before termination for the
specified authentication method.
set multiauth session-timeout auth-method
timeout
4. Reset the maximum amount of time a session
can last before termination to the default value
for the specified authentication method.
clear multiauth session-timeout
auth-method
Table 10-3 Displaying MultiAuth Authentication Configuration
Task Command(s)
Display system-wide MultiAuth authentication values. show multiauth
Display MultiAuth authentication port settings for all or the
specified ports.
show multiauth port [port-string]
Display end-user MAC addresses per port for all MAC
addresses and ports or for those specified.
show multiauth station [mac-address]
[port-string]
Display MultiAuth authentication sessions for all sessions
or the specified authentication method, MAC address, or
ports.
show multiauth session [agent
auth-method] [mac-address] [port-string]
Display MultiAuth authentication idle timeout values. show multiauth idle-timeout
Display MultiAuth authentication session timeout values. show multiauth session-timeout
To Next Page
Loading...
Need help?
General