Dot1X Supp-Proxy-Check - HPE FlexNetwork HSR6800 Security Command Reference
Hide thumbs
Also See for FlexNetwork HSR6800:
- Configuration manual (503 pages) ,
- Command reference manual (153 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
dot1x supp-proxy-check
Use dot1x supp-proxy-check to enable the proxy detection function and set the processing method
on the specified ports or all ports.
Use undo dot1x supp-proxy-check to disable the function on the specified ports or all ports.
Syntax
In system view:
dot1x supp-proxy-check { logoff | trap } [ interface interface-list ]
undo dot1x supp-proxy-check { logoff | trap } [ interface interface-list ]
In Ethernet interface view:
dot1x supp-proxy-check { logoff | trap }
undo dot1x supp-proxy-check { logoff | trap }
Default
The proxy detection function is disabled. Users can use an authenticated 802.1X client as a network
access proxy to bypass monitoring and accounting.
Views
System view, Ethernet interface view
Default command level
2: System level
Parameters
logoff: Logs off a user accessing the network through a proxy.
trap: Sends a trap to the network management system when a user is detected accessing the
network through a proxy.
interface interface-list: Specifies an Ethernet port list, which can contain multiple Ethernet ports. The
interface-list argument is in the format of interface-list = { interface-type interface-number [ to
interface-type interface-number ] } & <1-10>, where interface-type represents the port type,
interface-number represents the port number, and & <1-10> means that you can provide up to 10
ports or port ranges. The start port number must be smaller than the end number and the two ports
must be of the same type. If no interface is specified, the command applies to all ports.
Usage guidelines
This function requires the cooperation of the iNode client software.
The proxy detection function must be enabled both globally in system view and for the intended ports
in system view or Ethernet interface view. Otherwise, it does not work.
Examples
# Configure ports GigabitEthernet 3/0/1 to 1/8 to log off users accessing the network through a proxy.
<Sysname> system-view
[Sysname] dot1x supp-proxy-check logoff
[Sysname] dot1x supp-proxy-check logoff interface gigabitethernet 3/0/1 to
gigabitethernet 3/0/8
# Configure port GigabitEthernet 3/0/9 to send a trap when a user is detected accessing the network
through a proxy.
<Sysname> system-view
[Sysname] dot1x supp-proxy-check trap
[Sysname] dot1x supp-proxy-check trap interface gigabitethernet 3/0/9
125
Advertisement
Table of Contents
