To enable the proxy detecting function, you need to enable the online user handshaking function
first.
Handshaking packets need the support of the H3C-proprietary client. They are used to test
whether or not a user is online.
As clients that are not of H3C do not support the online user handshaking function, switches cannot
receive handshaking acknowledgement packets from them in handshaking periods. To prevent
users being falsely considered offline, you need to disable the online user handshaking function in
this case.
Example
# Enable the online user handshaking function.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] dot1x handshake enable
dot1x handshake secure
Syntax
dot1x handshake secure
undo dot1x handshake secure
View
Ethernet port view
Parameter
None
Description
Use the dot1x handshake secure command to enable the handshaking packet secure function,
preventing the device from attacks resulted from simulating clients.
Use the undo dot1x handshake secure command to disable the handshaking packet secure function.
By default, the handshaking packet secure function is disabled.
For the handshaking packet secure function to take effect, the clients that enable the function need to
cooperate with the authentication server. If either the clients or the authentication server does not
support the function, disabling the handshaking packet secure function is needed.
1-9