3Com WX2200 3CRWX220095A Switch User Manual


 
532 CHAPTER 23: MANAGING 802.1X ON THE WX SWITCH
The default setting is enable, which permits 802.1X authentication to
occur as determined by the set dot1X port-control command for each
wired authentication port. The disable setting forces all wired
authentication ports to unconditionally authorize all 802.1X
authentication attempts by users with an EAP success message.
To reenable 802.1X authentication on wired authentication ports, type
the following command:
WX1200# set dot1x authcontrol enable
success: dot1x authcontrol enabled.
Setting 802.1X Port
Control
The following command specifies the way a wired authentication port or
group of ports handles user 802.1X authentication attempts:
set dot1x port-control
{forceauth | forceunauth | auto} port-list
The default setting is auto, which allows the WX switch to process
802.1X authentication normally according to the authentication
configuration. Alternatively, you can set a wired authentication port or
ports to either unconditionally authenticate or unconditionally reject all
users.
For example, the following command forces port 1 to unconditionally
authenticate all 802.1X authentication attempts with an EAP success
message:
WX1200# set dot1x port-control forceauth 1
success: authcontrol for 1 is set to FORCE-AUTH.
Similarly, the following command forces port 2 to unconditionally reject
any 802.1X attempts with an EAP failure message:
WX1200# set dot1x port-control forceunauth 2
success: authcontrol for 2 is set to FORCE-UNAUTH.
The set dot1x port-control command is overridden by the set dot1x
authcontrol command. The clear dot1x port-control command
returns port control to the default auto value.
Type the following command to reset port control for all wired
authentication ports:
WX1200# clear dot1x port-control
success: change accepted.