Support User Manuals

Dell FCX624-I Laptop User Manual

Open as PDF

of 1494

1238 PowerConnect B-Series FCX Configuration Guide

53-1002266-01

Configuring 802.1X port security

34

Syntax: [no] dot1x-enable

At the dot1x configuration level, you can enable 802.1X port security on all interfaces at once, on

individual interfaces, or on a range of interfaces.

For example, to enable 802.1X port security on all interfaces on the device, enter the following

command.

PowerConnect(config-dot1x)#enable all

Syntax: [no] enable all

To enable 802.1X port security on interface 3/11, enter the following command.

PowerConnect(config-dot1x)#enable ethernet 3/11

Syntax: [no] enable ethernet <port>

Specify the <port> variable in the following formats:

• PowerConnect B-Series FCX stackable switches – <stack-unit/slotnum/portnum>

To enable 802.1X port security on interfaces 3/11 through 3/16, enter the following command.

PowerConnect(config-dot1x)#enable ethernet 3/11 to 3/16

Syntax: [no] enable ethernet <port> to <port>

Specify the <port> variable in the following formats:

• PowerConnect B-Series FCX stackable switches – <stack-unit/slotnum/portnum>

Setting the port control

To activate authentication on an 802.1X-enabled interface, you specify the kind of port control to

be used on the interface. An interface used with 802.1X port security has two virtual access

points: a controlled port and an uncontrolled port:

• The controlled port can be either the authorized or unauthorized state. In the authorized state,

it allows normal traffic to pass between the Client and the Authenticator. In the unauthorized

state, no traffic is allowed to pass.

• The uncontrolled port allows only EAPOL traffic between the Client and the Authentication

Server.

Refer to Figure 155 for an illustration of this concept.

By default, all controlled ports on the device are in the authorized state, allowing all traffic. When

you activate authentication on an 802.1X-enabled interface, its controlled port is placed in the

unauthorized state. When a Client connected to the interface is successfully authenticated, the

controlled port is then placed in the authorized state. The controlled port remains in the authorized

state until the Client logs off.

To activate authentication on an 802.1X-enabled interface, you configure the interface to place its

controlled port in the authorized state when a Client is authenticated by an Authentication Server.

To do this, enter commands such as the following.

PowerConnect(config)#interface e 3/1

PowerConnect(config-if-3/1)#dot1x port-control auto

Syntax: [no] dot1x port-control [force-authorized | force-unauthorized | auto]

previous next