Dell 9.8(0.0) Network Router User Manual


  Open as PDF
of 1910
 
Command
History
This guide is platform-specific. For command information about other platforms,
refer to the relevant Dell Networking OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command.
Version Description
9.7(0.0) Introduced on the S6000–ON.
9.0.2.0 Introduced on the S6000.
8.3.19.0 Introduced on the S4820T.
8.3.11.1 Introduced on the Z9000.
8.3.7.0 Introduced on the S4810.
7.6.1.0 Introduced on the C-Series, S-Series, and E-Series.
Usage
Information
802.1X authentication is enabled when an interface is connected to the switch. If
the host fails to respond within a designated amount of time, the authenticator
places the port in the guest VLAN.
If a device does not respond within 30 seconds, it is assumed that the device is not
802.1X capable. Therefore, a guest VLAN is allocated to the interface and
authentication for the device occurs at the next re-authentication interval (dot1x
reauthentication
).
If the host fails authentication for the designated number of times, the
authenticator places the port in authentication failed VLAN (dot1x auth-fail-
vlan).
NOTE: The layer 3 portion of guest VLAN and authentication fail VLANs can be
created regardless if the VLAN is assigned to an interface or not. After an
interface is assigned a guest VLAN (which has an IP address), routing through
the guest VLAN is the same as any other traffic. However, the interface may
join/leave a VLAN dynamically.
Related
Commands
dot1x auth-fail-vlan — configures a VLAN for authentication failures.
dot1x reauthentication — enables periodic re-authentication.
show dot1x interface — displays the 802.1X information on an interface.
dot1x mac-auth-bypass
Enable MAC authentication bypass. If 802.1X times out because the host did not respond to the Identity
Request frame, Dell Networking OS attempts to authenticate the host based on its MAC address.
Syntax
[no] dot1x mac-auth-bypass
Defaults Disabled
Security
1627