D-Link DES-3200 Switch User Manual


 
xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide
183
21
802.1X COMMANDS
The Switch implements IEEE 802.1X Port-based and Host-based Access Control. This mechanism is intended to allow only
authorized users, or other network devices, access to network resources by establishing criteria for each port on the Switch that a
user or network device must meet before allowing that port to forward or receive frames. The 802.1X commands in the Command
Line Interface (CLI) are listed (along with the appropriate parameters) in the following table:
Command Parameters
enable 802.1x
disable 802.1x
show 802.1x [auth_state | auth_configuration ] {ports <portlist>}
config 802.1x capability ports [<portlist> | all] [authenticator | none]
config 802.1x auth_parameter ports [<portlist> | all] [default | {direction [both | in] | port_control [force_unauth |
auto | force_auth] | quiet_period <sec 0-65535> | tx_period <sec 1-65535> |
supp_timeout <sec 1-65535> | server_timeout <sec 1-65535> | max_req
<value 1-10> | reauth_period <sec 1-65535> | enable_reauth [enable |
disable]}] (1)
config 802.1x auth_protocol [local |radius_eap]
config 802.1x init [port_based ports [<portlist> | all>] | mac_based ports [<portlist> | all]
{mac_address <macaddr>}]
config 802.1x auth_mode [port_based | mac_based]
config 802.1x reauth [port_based ports [<portlist> | all] | mac_based ports [<portlist> | all]
{mac_address <macaddr>}]
config radius add <server_index 1-3> [<server_ip> key <passwd 32> [default | {auth_port
<udp_port_number 1-65535> | acct_port <udp_port_number 1-65535> |
timeout <int 1-255> | retransmit <int 1-255>} (1) ]
config radius delete <server_index 1-3>
config radius <server_index 1-3> {ipaddress <server_ip> | key <passwd 32> [auth_port
<udp_port_number 1-65535> acct_port <udp_port_number 1-65535>] |
timeout <int 1-255> | retransmit <int 1-255>} (1)
config radius parameter { timeout <int 1-255> | retransmit <int 1-255>} (1)
show radius
create 802.1x guest_vlan {<vlan_name 32>}
config 802.1x guest_vlan ports [<portlist> | all] state [enable | disable]
delete 802.1x guest_vlan {<vlan_name 32>}
show 802.1x guest_vlan
show auth_statistics {ports <portlist>}
show auth_diagnostics {ports <portlist>}
show auth_session_statistics {ports <portlist>}
show auth_client
show acct_client
create 802.1x user <username 15>
delete 802.1x user <username 15>