Forcibly Authorizing Or Unauthorizing A Port; Re-Authenticating A Port - Dell Force10 Z9000 Configuration Manual
Hide thumbs
Also See for Force10 Z9000:
- Reference manual (1483 pages) ,
- Configuration manual (984 pages) ,
- Manual (56 pages)
Table of Contents
Advertisement
Forcibly Authorizing or Unauthorizing a Port
IEEE 802.1X requires that a port can be manually placed into any of three states:
•
ForceAuthorized — an authorized state. A device connected to this port in this state is never subjected to the authentication
process, but is allowed to communicate on the network. Placing the port in this state is same as disabling 802.1X on the port.
•
ForceUnauthorized — an unauthorized state. A device connected to a port in this state is never subjected to the authentication
process and is not allowed to communicate on the network. Placing the port in this state is the same as shutting down the port.
Any attempt by the supplicant to initiate authentication is ignored.
•
Auto — an unauthorized state by default. A device connected to this port in this state is subjected to the authentication
process. If the process is successful, the port is authorized and the connected device can communicate on the network. All ports
are placed in the Auto state by default.
To set the port state, use the following command.
•
Place a port in the ForceAuthorized, ForceUnauthorized, or Auto state.
INTERFACE mode
dot1x port-control {force-authorized | force-unauthorized | auto}
The default state is auto.
Example of Placing a Port in Force-Authorized State and Viewing the Configuration
The example shows configuration information for a port that has been force-authorized.
The bold line shows the new port-control state.
Dell(conf-if-Te-1/1)#dot1x port-control force-authorized
Dell(conf-if-Te-1/1)#show dot1x interface TenGigabitEthernet 1/1
802.1x information on Te 1/1:
-----------------------------
Dot1x Status:
Port Control:
Port Auth Status:
Re-Authentication:
Untagged VLAN id:
Tx Period:
Quiet Period:
ReAuth Max:
Supplicant Timeout:
Server Timeout:
Re-Auth Interval:
Max-EAP-Req:
Auth Type:
Auth PAE State:
Backend State:
Auth PAE State:
Backend State:
Re-Authenticating a Port
You can configure the authenticator for periodic re-authentication.
After the supplicant has been authenticated, and the port has been authorized, you can configure the authenticator to re-
authenticate the supplicant periodically. If you enable re-authentication, the supplicant is required to re-authenticate every 3600
seconds, but you can configure this interval. You can configure a maximum number of re-authentications as well.
To configure re-authentication time settings, use the following commands.
•
Configure the authenticator to periodically re-authenticate the supplicant.
Enable
FORCE_AUTHORIZED
UNAUTHORIZED
Disable
None
90 seconds
120 seconds
2
30 seconds
30 seconds
3600 seconds
10
SINGLE_HOST
Initialize
Initialize
Initialize
Initialize
79
802.1X
Advertisement
Table of Contents
Troubleshooting
