75
Setting the port authorization state
Specifying an access control method
Setting the maximum number of concurrent 802.1X users on a port
Setting the maximum number of authentication request attempts
Setting the 802.1X authentication timeout timers
Configuring the online user handshake function
Configuring the authentication trigger function
Specifying a mandatory authentication domain on a port
Enabling the periodic online user re-authentication function
Configuring an 802.1X guest VLAN
Configuring an Auth-Fail VLAN
Enabling 802.1X
NOTE:
ï‚· If the default VLAN of a port is a voice VLAN, the 802.1X function cannot take effect on the port. For more
information about voice VLANs, see the
Layer 2—LAN Switching Configuration Guide.
ï‚· 802.1X is mutually exclusive with link aggregation group configuration on a port.
Follow these steps to enable 802.1X on a port:
Required
Disabled by default.
dot1x interface interface-list
Required
Use either approach.
Disabled by default.
In Layer 2
Ethernet
interface view
interface interface-type interface-number
Specifying EAP relay or EAP termination
When configuring EAP relay or EAP termination, consider the following factors:
ï‚· The support of the RADIUS server for EAP packets
ï‚· The authentication methods supported by the 802.1X client and the RADIUS server
If the client is using only MD5-Challenge EAP authentication or the "username + password" EAP
authentication initiated by an iNode 802.1X client, you can use both EAP termination and EAP relay. To
To Next Page
Loading...
Need help?
General