Filter
Top Products
802.1x Client Version Checking Configuration 401
When the Guest VLAN function is enabled:
■ The switch broadcasts active authentication packets to all 802.1x-enabled ports.
■ The switch adds the ports that do not return response packets to Guest VLAN
When the maximum number of authentication retries is reached.
■ Users belonging to the Guest VLAN can access the resources of the Guest VLAN
without being authenticated. But they need to be authenticated before accessing
external resources.
Prerequisites
■ The ports operate in port-based authentication mode.
■ The VLAN specified to be the Guest VLAN already exists.
Guest VLAN
Configuration
Configuring Guest VLAN in system view
Configure Guest VLAN in
Ethernet port view
The Guest VLAN function is available only when the switch operates in the port-based
authentication mode.
Only one Guest VLAN can be configured for a switch.
Supplicant systems that are not authenticated, fail to pass the authentication, or are
offline belong to Guest VLANs.
Guest VLAN
Configuration Example
Network requirements
■ Create VLAN 2.
■ Configure Ethernet1/0/1 port to operate in port-based authentication mode.
■ Configure Guest VLAN for Ethernet1/0/1 port.
Table 426 Configure Guest VLAN in system view
Operation Command Description
Enter system view system-view —
Configure Guest VLAN
for specified ports
dot1x guest-vlan vlan-id [
interface interface-list ]
Required
This operation applies to all ports
of the switch if you do not provide
the interface-list argument. And if
you specify the interface-list
argument, the operation applies to
the specified Ethernet ports.
Table 427 Configure Guest VLAN in Ethernet port view
Operation Command Description
Enter system view system-view —
Enter Ethernet port view interface interface-type
interface-num
—
Configure Guest VLAN
for the port
dot1x guest-vlan vlan-id Required
This operation configures Guest
VLAN for the current port only.