76
use EAP-TL, PEAP, or any other EAP authentication methods, you must use EAP relay. When you make
your decision, see "A comparison of EAP relay and EAP termination" for help.
For more information about EAP relay and EAP termination, see "802.1X authentication procedures."
Follow these steps to configure EAP relay or EAP termination:
Configure EAP relay or EAP
termination
dot1x authentication-method {
chap | eap | pap }
Optional
By default, the network access
device performs EAP termination
and uses CHAP to communicate
with the RADIUS server.
Specify the eap keyword to
enable EAP termination.
Specify the chap or pap keyword
to enable CHAP-enabled or PAP-
enabled EAP relay.
NOTE:
If EAP relay mode is used, the user-name-format command configured in RADIUS scheme view does
not take effect. The access device sends the authentication data from the client to the server without any
modification. For more information about the user-name-format command, see the
Security Command
Reference
.
Setting the port authorization state
The port authorization state determines whether the client is granted access to the network. You can
control the authorization state of a port by using the dot1x port-control command and the following
keywords:
 authorized-force—Places the port in the authorized state, enabling users on the port to access the
network without authentication.
 unauthorized-force—Places the port in the unauthorized state, denying any access requests from
users on the port.
 auto—Places the port initially in the unauthorized state to allow only EAPOL packets to pass, and
after a user passes authentication, sets the port in the authorized state to allow access to the
network. You can use this option in most scenarios.
You can set authorization state for one port in interface view, or for multiple ports in system view. If
different authorization state is set for a port in system view and interface view, the one set later takes
effect.
Follow these steps to set the authorization state of a port:
To Next Page
Loading...
Need help?
General