Filter
Top Products
Configuring Switch Information 267
Enabling Port Based Authentication Using the CLI Commands
The following table summarizes the equivalent CLI commands for enabling the port based
authentication as displayed in the Port Based Authentication table.
Table 7-1. Port Authentication CLI Commands
CLI Command Description
aaa authentication dot1x default
method1 [method2.]
Specifies one or more authentication, authorization, and accounting
(AAA) methods for use on interfaces running IEEE 802.1X.
dot1x auth-not-req Enables authorized devices access to the VLAN.
dot1x guest-vlan Defines a Guest VLAN.
dot1x guest vlan enable Enables authorized users on the inteface to access the Guest VLAN.
dot1x mac-authentication Enables authentication based on the station’s MAC address (MAC
based authentication).
dot1x max-req count Sets the maximum number of times that the device sends an EAP to
the client, before restarting the authentication process.
dot1x re-authenticate [ethernet
interface]
Manually initiates a re-authentication of all 802.1X-enabled ports or the
specified 802.1X-enabled port.
dot1x re-authentication Enables periodic re-authentication of the client.
dot1x timeout quiet-period seconds Sets the number of seconds that the device remains in the quiet state
following a failed authentication exchange.
dot1x timeout re-authperiod seconds Sets the number of seconds between re-authentication attempts.
dot1x timeout server-timeout seconds Sets the time for the retransmission of packets to the authentication server.
dot1x timeout supp-timeout seconds Sets the time for the retransmission of an EAP request frame to the client.
dot1x timeout tx-period seconds Sets the number of seconds that the device waits for a response to an EAP -
request/identity frame, from the client, before resending the request.
dot1x traps mac-authentication failure Enables sending traps when the MAC address failed authenticaiton
(MAC based authentication).
dot1x radius-attribues vlan Enables user-based VLAN assignment.
show dot1x [ethernet interface] Displays 802.1X status for the device or for the specified interface.
show dot1x advanced Displays 802.1X advanced features for the switch or specified interface.
show dot1x users [username username] Displays 802.1X users for the device.
dot1x guest-vlan enable
Enables using a guest VLAN for unauthorized ports. If a Guest
VLAN is enabled, the unauthorized port automatically joins the
VLAN selected in VLAN List field. The field default is disabled.
dot1x guest-vlan
Contains a list of VLANs. The guest VLAN is selected from the
VLAN List