Filter
Top Products
394 CHAPTER 21: 802.1X CONFIGURATION
Setting the Port Access
Control Mode
The following commands can be used for setting 802.1x access control mode on the
specified port. When no port is specified, the access control mode of all ports is
configured.
Perform the following configurations in System View or Ethernet Port View.
Table 413 Setting the Port Access Control Mode.
By default, the mode of 802.1x performing access control on the port is auto
(automatic identification mode, which is also called protocol control mode). That is,
the initial state of the port is unauthorized. It only permits EAPoL packets
receiving/transmitting and does not permit the user to access the network resources.
If the authentication flow is passed, the port will be switched to the authorized state
and permit the user to access the network resources. This is the most common case.
Setting the Port Access
Control Method
The following commands are used for setting 802.1x access control method on the
specified port. When no port is specified in System View, the access control method
of the port is configured globally.
Perform the following configurations in System View or Ethernet Port View.
Table 414 Setting the Port Access Control Method
By default, 802.1x authentication method on the port is macbased. That is,
authentication is performed based on MAC addresses.
Checking the Users that
Log on the Switch using
Proxy
The following commands are used for checking the users that log on the Switch using
proxy.
Perform the following configurations in System View or Ethernet Port View.
Table 415 Checking the Users that Log on the Switch using Proxy
These commands can be used to check on the specified interface when executed in
system view. The parameter
interface-list cannot be input when the command is
executed in Ethernet Port view and it has effect only on the current interface. After
globally enabling proxy user detection and control in system view, only if you enable
this feature on a specific port can this configuration take effect on the port.
Operation Command
Set the port access control
mode.
dot1x port-control { authorized-force |
unauthorized-force | auto } [ interface
interface_list ]
Restore the default access
control mode of the port.
undo dot1x port-control [ interface
interface_list ]
Operation Command
Set port access control
method
dot1x port-method { macbased | portbased } [
interface interface_list ]
Restore the default port
access control method
undo dot1x port-method [ interface
interface_list ]
Operation Command
Enable the check for
access users using
proxy
dot1x supp-proxy-check { logoff | trap } [ interface
interface_list ]
Cancel the check for
access users using
proxy
undo dot1x supp-proxy-check { logoff | trap } [
interface interface_list ]