Configuration Guide 802.1x Configuration
In the privileged EXEC mode, you can configure the flag for EAPOL frames to carry TAG by performing the following
steps:
Ruijie(config)#dot1x eapol-tag
Enable the flag for EAPOL frames to carry TAG. By default,
the function is disabled.
You can disable this function by using the no dot1x eapol-tag command.
Configuring Port-based Authentication
The 802.1x controls users on the basis of their MAC addresses by default. Only the authenticated user can use the
network. With port-based authentication, the port is authenticated as long as a user is authenticated on a port.
Consequently, all users connecting to this port can access the network.
To configure port-based control mode, execute the following commands in the privileged EXEC mode.
Ruijie(config)#interface interface-id
Ruijie(config-if-type ID)#dot1x port-control auto
Enable the function being controlled.
Ruijie(config-if-type ID)#dot1x port-control-mode
{mac-based|port-based}
Select the controlled mode.
Ruijie#show dot1x port-control
Show the configuration of port 802.1X.
You can run no dot1x port-control-mode to restore the settings to the default control mode.
Following example shows how to configure the authentication mode of a port.
Ruijie# configure terminal
Ruijie(config)# interface interface-id
Ruijie(config-if)# dot1x port-control-mode port-base
In the port-based authentication mode, a port can be connected with only one authenticated user.
Port-based authentication mode can enable or disable dynamic users to migrate among multiple authenticated ports. By
default, the migration is allowed. To prohibit the migration, run the following commands one by one in the privileged EXEC
mode.
Ruijie(config)#dot1x stationarity enable
Disable the migration among ports.
To Next Page
Loading...
