Configuring Multi-Host Authenticationconfiguring Single-Host Authentication - Dell S6100 Configuration Manual
Hide thumbs
Also See for S6100:
- Configuration manual (1743 pages) ,
- Installation manual (54 pages) ,
- Release notes (13 pages)
Table of Contents
Advertisement
When you configure multi-host mode authentication, the first client to respond to an identity request is authenticated and subsequent
responses are still ignored. However, because the authenticator expects the possibility of multiple responses, no system log is generated.
After the first supplicant is authenticated, all end users connected to the authorized port are allowed to access the network.
If the authorized port becomes unauthorized due to re-authentication failure or the supplicant sends an EAPOL logoff frame, all connected
end users are denied access to the network.
If you change the host mode on a port that is already authenticated:
•
From single-host to multi-host — All devices connected to the port that were previously blocked may access the network; the
supplicant does not re-authenticate.
•
From multi-host to single-host — The port restarts the authentication process. The first end user to respond is authenticated and
allowed access.
Configuring Multi-Host Authentication
To enable multi-host authentication on a port, enter the dot1x host-mode multi-host command in Interface mode. To return to the
default single-host authentication mode, enter the no dot1x host-mode command. To verify the currently configured authentication
mode, enter the show dot1x interface command.
Dell(conf-if-te-2/1)# dot1x host-mode multi-host
Dell(conf-if-te-2/1)# do show dot1x interface tengigabitethernet 2/1
802.1x information on Te 2/1:
-----------------------------
Dot1x Status:
Port Control:
Port Auth Status:
Re-Authentication:
Untagged VLAN id:
Guest VLAN:
Guest VLAN id:
Auth-Fail VLAN:
Auth-Fail VLAN id:
Auth-Fail Max-Attempts:
Critical VLAN:
Critical VLAN id:
Mac-Auth-Bypass:
Mac-Auth-Bypass Only:
Static-MAB:
Static-MAB Profile:
Tx Period:
Quiet Period:
ReAuth Max:
Supplicant Timeout:
Server Timeout:
Re-Auth Interval:
Max-EAP-Req:
Host Mode:
Auth PAE State:
Backend State:
Configuring Single-Host Authentication
To enable single-host authentication on a port, enter the dot1x host-mode single-host command in Interface mode.
Dell(conf-if-te-2/1)# dot1x host-mode single-host
Dell(conf-if-te-2/1)# do show dot1x interface tengigabitethernet 2/1
802.1x information on Te 2/1:
-----------------------------
Enable
AUTO
UNAUTHORIZED
Disable
None
Disable
NONE
Disable
NONE
NONE
Disable
NONE
Disable
Disable
Disable
NONE
30 seconds
60 seconds
2
30 seconds
30 seconds
3600 seconds
2
MULTI_HOST
Connecting
Idle
802.1X
101
Advertisement
Table of Contents
Troubleshooting
