Extreme Networks EAS 100-24t Switch CLI Manual
237
CHAPTER
9
Security
802.1X Commands
The switch implements IEEE 802.1X Port-based and Host-based Access Control. This mechanism is
intended to allow only authorized users, or other network devices, access to network resources by
establishing criteria for each port on the switch that a user or network device must meet before allowing
that port to forward or receive frames. The 802.1X commands in the CLI are listed (along with the
appropriate parameters) in the following table:
Command Parameters
enable 802.1x
disable 802.1x
show 802.1x auth_configuration {ports <portlist>}
show 802.1x auth_state {ports <portlist>}
config 802.1x capability ports [<portlist> | all] [authenticator | none]
config 802.1x auth_parameter
ports
[<portlist> | all] [default | {direction [both | in] | port_control [force_unauth | auto
| force_auth] | quiet_period <sec 0-65535> | tx_period <sec 1-65535> |
supp_timeout <sec 1-65535> | server_timeout <sec 1-65535> | max_req
<value 1-10> | reauth_period <sec 1-65535> | enable_reauth [enable |
disable]}]
config 802.1x auth_protocol [local | radius_eap]
config 802.1x init [port_based ports [<portlist> | all] | mac_based [ports] [<portlist> | all]
{mac_address <macaddr>}]
config 802.1x reauth [port_based ports [<portlist> | all] | mac_based [ports] [<portlist> | all]
{mac_address <macaddr>}]
config radius add <server_index 1-3> [<server_ip>] key <passwd 32> [default |
{auth_port<udp_port_number 1-65535> | acct_port <udp_port_number 1-
65535> }]
config radius delete <server_index 1-3>
config radius <server_index 1-3> {ipaddress [<server_ip>] | key <passwd 32> | auth_port
<udp_port_number 1-65535> | acct_port <udp_port_number 1-65535> }
config radius parameter {timeout <int 1-255> | retransmit <int 1-255>}
show radius
show auth_statistics {ports <portlist>}
show auth_diagnostics {ports <portlist>}
show auth_session_statistics {ports <portlist>}
To Next Page
Loading...
