192 CHAPTER 11: 802.1X CONFIGURATION
this command is used in Ethernet port view, the parameter interface-list
cannot be input and 802.1X can only be enabled on the current port..
Perform the following configurations in System View or Ethernet Port View.
Table 189 Enabling/Disabling 802.1X
You can configure 802.1X on an individual port before it is enabled globally. The
configuration will take effect after 802.1X is enabled globally.
By default, 802.1X authentication has not been enabled globally and on any port.
Setting the Port Access
Control Mode
The following commands can be used for setting 802.1X access control mode on
the specified port. When no port is specified, the access control mode of all ports
is configured.
Perform the following configurations in System View or Ethernet Port View.
Table 190 Setting the Port Access Control Mode.
By default, the mode of 802.1X performing access control on the port is auto
(automatic identification mode, which is also called protocol control mode). That
is, the initial state of the port is unauthorized. It only permits EAPoL packets
receiving/transmitting and does not permit the user to access the network
resources. If the authentication flow is passed, the port will be switched to the
authorized state and permit the user to access the network resources. This is the
most common case.
Setting the Port Access
Control Method
The following commands are used for setting 802.1X access control method on
the specified port. When no port is specified in System View, the access control
method of the port is configured globally.
Perform the following configurations in System View or Ethernet Port View.
Table 191 Setting the Port Access Control Method
By default, 802.1X authentication method on the port is macbased. That is,
authentication is performed based on MAC addresses.
Operation Command
Enable the 802.1X dot1x [ interface interface_list ]
Disable the 802.1X undo dot1x [ interface interface_list ]
Operation Command
Set the port access control
mode.
dot1x port-control { authorized-force |
unauthorized-force | auto } [ interface
interface_list ]
Restore the default access
control mode of the port.
undo dot1x port-control [ interface
interface_list ]
Operation Command
Set port access control
method
dot1x port-method { macbased | portbased } [
interface interface_list ]
Restore the default port
access control method
undo dot1x port-method [ interface
interface_list ]
To Next Page
Loading...
Need help?
General