Support User Manuals

D-Link DES-3200 Switch User Manual

Open as PDF

of 523

xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide

183

21

802.1X COMMANDS

The Switch implements IEEE 802.1X Port-based and Host-based Access Control. This mechanism is intended to allow only

authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a

user or network device must meet before allowing that port to forward or receive frames. The 802.1X commands in the Command

Line Interface (CLI) are listed (along with the appropriate parameters) in the following table:

Command Parameters

enable 802.1x

disable 802.1x

show 802.1x [auth_state | auth_configuration ] {ports <portlist>}

config 802.1x capability ports [<portlist> | all] [authenticator | none]

config 802.1x auth_parameter ports [<portlist> | all] [default | {direction [both | in] | port_control [force_unauth |

auto | force_auth] | quiet_period <sec 0-65535> | tx_period <sec 1-65535> |

supp_timeout <sec 1-65535> | server_timeout <sec 1-65535> | max_req

<value 1-10> | reauth_period <sec 1-65535> | enable_reauth [enable |

disable]}] (1)

config 802.1x auth_protocol [local |radius_eap]

config 802.1x init [port_based ports [<portlist> | all>] | mac_based ports [<portlist> | all]

{mac_address <macaddr>}]

config 802.1x auth_mode [port_based | mac_based]

config 802.1x reauth [port_based ports [<portlist> | all] | mac_based ports [<portlist> | all]

{mac_address <macaddr>}]

config radius add <server_index 1-3> [<server_ip> key <passwd 32> [default | {auth_port

<udp_port_number 1-65535> | acct_port <udp_port_number 1-65535> |

timeout <int 1-255> | retransmit <int 1-255>} (1) ]

config radius delete <server_index 1-3>

config radius <server_index 1-3> {ipaddress <server_ip> | key <passwd 32> [auth_port

<udp_port_number 1-65535> acct_port <udp_port_number 1-65535>] |

timeout <int 1-255> | retransmit <int 1-255>} (1)

config radius parameter { timeout <int 1-255> | retransmit <int 1-255>} (1)

show radius

create 802.1x guest_vlan {<vlan_name 32>}

config 802.1x guest_vlan ports [<portlist> | all] state [enable | disable]

delete 802.1x guest_vlan {<vlan_name 32>}

show 802.1x guest_vlan

show auth_statistics {ports <portlist>}

show auth_diagnostics {ports <portlist>}

show auth_session_statistics {ports <portlist>}

show auth_client

show acct_client

create 802.1x user <username 15>

delete 802.1x user <username 15>

previous next