Radius-Based Dynamic Vlan Assignment - Dell Networking 2024 Reference Manual

client is authenticated and is undisturbed by the failure condition(s). The
reasons for failure are logged and buffered into the local logging database such
that the operator can track the failure conditions. Clients authenticated when
monitor mode is enabled are always assigned to the default VLAN, regardless
of the RADIUS assignment.

RADIUS-based Dynamic VLAN Assignment

If VLAN assignment is enabled in the RADIUS server then as part of the
response message, the RADIUS server sends the VLAN ID which the client is
requested to use in the 802.1x tunnel attributes. If dynamic VLAN creation is
enabled on the switch and the RADIUS assigned VLAN does not exist, then
the assigned VLAN is dynamically created. This implies that the client can
connect from any port and be assigned to the appropriate VLAN. This gives
flexibility for clients to move around the network with out requiring the
operator to perform additional provisioning for each network interface.
Commands in this Chapter
This chapter explains the following commands:
dot1x dynamic-vlan enable dot1x timeout re-
dot1x initialize
dot1x mac-auth-bypass
dot1x max-req
dot1x max-users
dot1x port-control
dot1x re-authenticate
dot1x reauthentication
dot1x system-auth-control
844
802.1x Commands
authperiod
dot1x timeout server-
timeout
dot1x timeout tx-period
authentication enable
authentication order
authentication priority
authentication restart
clear authentication
statistics
show authentication
statistics
show dot1x
show dot1x authentication-
history
show dot1x clients
show dot1x interface
show dot1x interface
statistics
show dot1x users
clear dot1x
authentication–history
dot1x guest-vlan