81
Setting the port authorization state
The port authorization state determines whether the client is granted access to the network or not. You
can control the authorization state of a port by using the dot1x port-control command and the following
keywords:
• authorized-force—Places the port in the authorized state, enabling users on the port to access the
network without authentication.
• unauthorized-force—Places the port in the unauthorized state, denying any access requests from
users on the port.
• auto—Places the port initially in unauthorized state to allow only EAPOL packets to pass. After a
user passes authentication, sets the port in the authorized state to allow access to the network. You
can use this option in most scenarios.
To set the authorization state of a port:
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
3. Set the port authorization
state.
dot1x port-control { authorized-force |
auto | unauthorized-force }
By default, the auto state applies.
Specifying an access control method
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
3. Specify an access control
method.
dot1x port-method { macbased |
portbased }
By default, MAC-based access
control applies.
Setting the maximum number of concurrent 802.1X
users on a port
Perform this task to prevent the system resources from being overused.
To set the maximum number of concurrent 802.1X users on a port:
Ste
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter Layer 2 Ethernet
interface view.
interface interface-type
interface-number
N/A
To Next Page
Loading...
Need help?
General