Forcibly Authorizing Or Unauthorizing A Port - Dell Z9000 Configuration Manual
10/25/40/50/100gbe throughput
Hide thumbs
Also See for Z9000:
- Configuration manual (932 pages) ,
- Installing (52 pages) ,
- Manual (48 pages)
Table of Contents
Advertisement
Example of Configuring and Verifying Port Authentication
The following example shows configuration information for a port for which the authenticator re-
transmits an EAP Request Identity frame:
•
after 90 seconds and a maximum of 10 times for an unresponsive supplicant
•
re-transmits an EAP Request Identity frame
The bold lines show the new re-transmit interval, new quiet period, and new maximum re-transmissions.
FTOS(conf-if-range-Te-2/1)#dot1x tx-period 90
FTOS(conf-if-range-Te-2/1)#dot1x max-eap-req 10
FTOS(conf-if-range-Te-2/1)#dot1x quiet-period 120
FTOS#show dot1x interface TenGigabitEthernet 2/1
802.1x information on Te 2/1:
-----------------------------
Dot1x Status:
Port Control:
Port Auth Status:
Re-Authentication:
Untagged VLAN id:
Tx Period:
Quiet Period:
ReAuth Max:
Supplicant Timeout:
Server Timeout:
Re-Auth Interval:
Max-EAP-Req:
Auth Type:
Auth PAE State:
Backend State:
Forcibly Authorizing or Unauthorizing a Port
IEEE 802.1X requires that a port can be manually placed into any of three states:
•
ForceAuthorized — an authorized state. A device connected to this port in this state is never
subjected to the authentication process, but is allowed to communicate on the network. Placing the
port in this state is same as disabling 802.1X on the port.
•
ForceUnauthorized — an unauthorized state. A device connected to a port in this state is never
subjected to the authentication process and is not allowed to communicate on the network. Placing
the port in this state is the same as shutting down the port. Any attempt by the supplicant to initiate
authentication is ignored.
•
Auto — an unauthorized state by default. A device connected to this port in this state is subjected to
the authentication process. If the process is successful, the port is authorized and the connected
device can communicate on the network. All ports are placed in the Auto state by default.
To set the port state, use the following command.
•
Place a port in the ForceAuthorized, ForceUnauthorized, or Auto state.
INTERFACE mode
dot1x port-control {force-authorized | force-unauthorized | auto}
The default state is auto.
88
Enable
AUTO
UNAUTHORIZED
Disable
None
90 seconds
120 seconds
2
30 seconds
30 seconds
3600 seconds
10
SINGLE_HOST
Initialize
Initialize
802.1X
Advertisement
Table of Contents
Troubleshooting
