Configuration Guide 802.1x Configuration
When RADI
The following example shows how to configure Inaccessible Authentication Bypass:
Ruijie# configure terminal
Ruijie(config)# interface fa 0/1
Ruijie(config-if)# dot1x port-control auto
Ruijie(config-if)# dot1x critical
Ruijie(config-if)# dot1x critical recovery action reinitialize
After the server has recovered, normally authenticated users under the port can continue to access the
network without re-authentication. After the server is failed, IAB-authenticated users will be subject to the
authentication interaction initiated by the switch.
Configuring Multiple Accounts Switching
In some application environments, for example, an AD domain authentication environment of Microsoft, such an operating
requirement occurs sometimes that a user gets online after authentication using a username, and then switch to another
username to re-authenticate. This type of application, normally, is deployed with authorization applications. For example,
different accounts bind different authorization VLANs. By default, the device does not respond the authentication request
of which the username is changed but the user is still online. You need to enable the multiple accounts switching function
to support this type of application.
Use the following commands to configure the multiple accounts switching function.
To restore the default value, use the no dot1x multi-account enable command. This example shows how to configure
the multiple accounts switching function.
Using Virtual MAC Address as the Source MAC Address for Device Authentication Packet
If the first three bytes of the device MAC address are not 00d0.f8 or 00.1aa9, the source MAC address of 802.1X packets
is 001a.a917.ffff. By default, this feature is enabled.
Perform the following steps to use a virtual MAC address as the source MAC address of 802.1X packets.
To Next Page
Loading...
