Table of Contents
Advertisement
HP recommends you use the iNode client software and iMC server to ensure the normal operation of the
online user handshake security function.
Related commands: dot1x handshake.
Examples
# Enable the online user handshake security function.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/4
[Sysname-GigabitEthernet1/0/4] dot1x handshake secure
dot1x mandatory-domain
Syntax
dot1x mandatory-domain domain-name
undo dot1x mandatory-domain
View
Layer 2 Ethernet Interface view
Default level
2: System level
Parameters
domain-name: Specifies the ISP domain name, a case-insensitive string of 1 to 24 characters. The
specified domain must already exist.
Description
Use the dot1x mandatory-domain command to specify a mandatory 802.1X authentication domain on a
port.
Use the undo dot1x mandatory-domain command to remove the mandatory authentication domain.
By default, no mandatory authentication domain is specified.
When authenticating an 802.1X user trying to access the port, the system selects an authentication
domain in the following order: the mandatory domain, the ISP domain specified in the username, and the
default ISP domain.
To display or cut all 802.1X connections in a mandatory domain, use the display connection domain isp-
name or cut connection domain isp-name command. The output of the display connection command
without any parameters displays domain names input by users at login. For more information about the
display connection command or the cut connection command, see the chapter ―AAA configuration
commands.‖
Related commands: display dot1x.
Examples
# Configure the mandatory authentication domain my-domain for 802.1X users on GigabitEthernet
1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] dot1x mandatory-domain my-domain
105
Advertisement
Table of Contents
