91
Specifying an access control method
You can specify an access control method for one port in Ethernet interface view, or for multiple ports in
system view. If different access control methods are specified for a port in system view and Ethernet
interface view, the one specified later takes effect.
Follow these steps to specify the access control method:
To do… Use the command… Remarks
Enter system view system-view —
Specify an
access control
method
In system view
dot1x port-method { macbased |
portbased } [ interface
interface-list ]
Optional
Use either approach.
By default, MAC-based access
control applies.
In Ethernet
interface view
interface interface-type
interface-number
dot1x port-method { macbased |
portbased }
NOTE:
To use both 802.1X and portal authentication on a port, you must specify MAC-based access control. For
information about portal authentication, see the chapter “Portal configuration.”
Setting the maximum number of concurrent 802.1X users on a
port
You can set the maximum number of concurrent 802.1X users for ports individually in Ethernet interface
view or in bulk in system view. If different settings are configured for a port in both views, the setting
configured later takes effect.
Follow these steps to set the maximum number of concurrent 802.1X users on a port:
To do… Use the command… Remarks
Enter system view system-view —
Set the
maximum
number of
concurrent
802.1X users
on a port
In system view
dot1x max-user user-number
[ interface interface-list ]
Optional
Use either approach.
2048 by default.
In Ethernet
interface view
interface interface-type
interface-number
dot1x max-user user-number
[ interface interface-list ]
Setting the maximum number of authentication request attempts
The network access device retransmits an authentication request if it receives no response to the request
it has sent to the client within a period of time (specified by using the dot1x timer tx-period
tx-period-value command or the dot1x timer supp-timeout supp-timeout-value command). The network
access device stops retransmitting the request, if it has made the maximum number of request
transmission attempts but still received no response.
To Next Page
Loading...
Need help?
General