Filter
Top Products
AT-9000 Switch Command Line User’s Guide
907
DOT1X CONTROL-DIRECTION
Syntax
dot1x control-direction
in
|
both
Parameters
dir
Specifies whether authenticator ports that are in the unauthorized
state should forward egress broadcast and multicast traffic: The
options are:
in: Specifies that authenticator ports in the unauthorized state
should forward egress broadcast and multicast traffic and discard
the ingress broadcast and multicast traffic. This is the default
setting.
both: Specifies that authenticator ports in the unauthorized state
should discard both ingress and egress broadcast and multicast
traffic.
Mode
Port Interface mode
Description
Use this command to specify whether the switch should forward or discard
egress broadcast and multicast packets from authenticator ports that are
in the unauthorized state.
Generally, authenticator ports that are in the unauthorized state discard all
ingress and egress traffic, until a client logs on. There are, however, two
exceptions, one of which is the EAP packets that the clients and the
authenticator server exchange during the authentication process. If the
switch discarded these packets on ports that are in the unauthorized state,
clients would never be able to log on.
The other exception concerns broadcast and multicast packets.
Authenticator ports that are in the unauthorized state always discard
ingress packets of these types. However, authenticator ports can be
configured to forward egress broadcast and multicast packets even when
they are in the unauthorized state. This makes it possible for the
unauthorized clients on the ports to receive these packets. This is the
default setting for authenticator ports.
There are two options in this command, representing the two possible
settings. Authenticator ports that are set to the IN option forward egress