Command Line Interface Reference Guide
■
web-based
■
the switch
primary
■
for access control.
secondary
■
control.
■ aaa
authorization
commands
■
primary_method
■
■ aaa
port-access
authenticator
■
active
■
PORT-LIST
■
auth-vid
■
configured by default).
■
clear-statistics
■
client-limit
■
■
control
■
Force Unauthorized or Auto state (default Auto). (NUMBER)
initialize
■
logoff-period
■
considered removed from the port for a lack of activity. (NUMBER)
max-requests
■
authentication requests (default 2). (NUMBER)
quiet-period
■
a supplicant (default 60 sec.). (NUMBER)
reauthenticate
■
reauth-period
■
0); set to '0' to disable re-authentication. (NUMBER)
server-timeout
■
30sec.). (NUMBER)
supplicant-timeout
■
(default 30 sec.). (NUMBER)
tx-period
■
of EAPOL PDU (default 30 sec.). (NUMBER)
unauth-period
■
before moving the port to the VLAN for unauthenticated clients. (NUMBER)
unauth-vid
■
client connected (not configured by default).
■
gvrp-vlans
■
mac-based
■
device's port(s)
addr-format
■
to be used in the RADIUS request message (default no-delimiter).
© 2009 Hewlett-Packard Development Company, L.P.
secondary
< local | none | authorized > -- Specify the backup authentication method
for access control.
(p. 48)
-- Configure authentication mechanism used to control web-based port access to
(p. 55)
< chap-radius | peap-mschapv2 > -- Specify the primary authentication method
(p. 44)
< none | authorized > -- Specify the backup authentication method for access
(p. 48)
-- Configure authorization parameters on the switch
-- Configure exec (shell) commands authorization.
< radius | none > --
-- Configure 802
(p. 42)
-- Configure 802
(p. 28)
-- Activate/deactivate 802.1X authenticator.
-- Manage 802.1X on the device port(s). ([ethernet] PORT-LIST)
-- Configures VLAN where to move port after successful authentication (not
(p. 30)
VLAN-ID
-- Configures VLAN where to move port after successful authentication (not
configured by default). (VLAN-ID)
-- Clear the authenticator statistics.
-- Set the maximum number of clients to allow on the port.
NUMBER-OF-CLIENTS
the port. (NUMBER)
(p. 42)
< authorized | auto | unauthorized > -- Set the authenticator to Force Authorized,
-- Reinitialize the authenticator state machine.
< 1 to 999999999 > -- Set period of time after which a client will be
< 1 to 10 > -- Set maximum number of times the switch retransmits
< 0 to 65535 > -- Set the period of time the switch does not try to acquire
-- Force re-authentication to happen.
< 0 to 9999999 > -- Set the re-authentication timeout (in seconds, default
< 1 to 300 > -- Set the authentication server response timeout (default
(p. 50)
< 1 to 300 > -- Set the supplicant response timeout on an EAP request
< 1 to 65535 > -- Set the period of time the switch waits until retransmission
< 0 to 255 > -- Set period of time the switch waits for authentication
-- Configures VLAN where to keep port while there is an unauthenticated
VLAN-ID
-- Configures VLAN where to keep port while there is an unauthenticated
client connected (not configured by default). (VLAN-ID)
-- Enable/disable the use of RADIUS-assigned dynamic (GVRP) VLANs
-- Configure MAC address based network authentication on the device or the
(p. 37)
< no-delimiter | single-dash | multi-dash | ... > -- Set the MAC address format
(p. 47)
(p. 27)
(p. 54)
< 1 to 32 > -- Set the maximum number of clients to allow on
(p. 39)
(p. 47)
(p. 52)
(p. 53)
(p. 53)
(p. 30)
(p. 31)
(p. 43)
(p. 31)
(p. 31)
(p. 32)
(p. 35)
(p. 36)
(p. 47)
(p. 47)
(p. 54)
(p. 27)
aaa
(p. 53)
(p. 34)
23