Operation Manual – 802.1x
Quidway S5600 Series Ethernet Switches-Release 1510 Chapter 1
802.1x Configuration
Huawei Technologies Proprietary
1-14
Operation Command Description
Set port access
control mode for
specified ports
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
Optional
By default, an 802.1x-enabled
port operates in an auto
mode.
Set port access
method for
specified ports
dot1x port-method
{ macbased | portbased }
[ interface interface-list ]
Optional
The default port access
method is
MAC-address-based (that is,
the macbased keyword is
used by default).
Set authentication
method for 802.1x
users
dot1x
authentication-method
{ chap | pap | eap }
Optional
By default, a switch performs
CHAP authentication in EAP
terminating mode.
Caution:
z 802.1x-related configurations can all be performed in system view. Port access
control mode and port access method can also be configured in port view.
z If you perform a configuration in system view and do not specify the interface-list
argument, the configuration applies to all ports. Configurations performed in
Ethernet port view apply to the current Ethernet port only and the interface-list
argument is not needed in this case.
z 802.1x configurations take effect only after you enable 802.1x both globally and for
specified ports.
z If you enable 802.1x for a port, it is not available to use the mac-address
max-mac-count command to set the maximum number of MAC addresses that can
be learnt for the port. Meanwhile, if you set the maximum number of MAC addresses
that can be learnt for a port, it is prohibited to enable 802.1x for the port.
z If you enable 802.1x for a port, it is not available to add the port to an aggregation
group. Meanwhile, if a port has been added to an aggregation group, it is prohibited
to enable 802.1x for the port.
To Next Page
Loading...
Need help?
General