4.3.5 802.1x
This switch supports IEEE 802.1x standard which provides port‐based access control by validating end user's authorization through
authentication (RADIUS) server. EAP‐ MD5/TLS/PEAP authentication types are supported for this switch.
[no] dot1x
Enable or disable 802.1x.
radius‐server host <ip‐addr> <1024..65535> <1024..65535>
Set radius server IP, port number, and accounting port number.
Parameters:
<ip‐addr> specifies server's IP address.
st
1
<1024..65535> specifies the server port number.
nd
2
<1024..65535> specifies the accounting port number.
radius‐server key <key‐str>
Set 802.1x shared key.
Parameters:
<key‐str> specifies shared key string.
radius‐server nas <id‐str>
Set 802.1x NAS identifier.
Parameters:
<id‐str> specifies NAS identifier string.
show radius‐server
Show radius server information, including radius server IP, port number, accounting port number, shared key, NAS identifier,
dot1x timeout quiet‐period <0..65535>
Set 802.1x quiet period. (default: 60 seconds).
Parameters:
<0..65535> specifies the quiet period, in seconds.
dot1x timeout tx‐period <0..65535>
Set 802.1x Tx period. (default: 15 seconds).
Parameters:
<0..65535> specifies the Tx period, in seconds.
dot1x timeout supplicant <1..300>
Set 802.1x supplicant timeout (default: 30 seconds)
Parameters:
<1..300> specifies the supplicant timeout, in seconds.
dot1x timeout radius‐server <1..300>
Set radius server timeout (default: 30 seconds).
Parameters:
<1..300> specifies the radius server timeout, in seconds.
dot1x max‐req <1..10>
Set 802.1x maximum request retries (default: 2 times).
Parameters:
<1..10> specifies the maximum request retries.
dot1x timeout re‐authperiod <30..65535>
Set 802.1x re‐auth period (default: 3600 seconds).
Parameters:
<30..65535> specifies the re‐auth period, in seconds.
show dot1x
Show 802.1x information, quiet period, Tx period, supplicant timeout, server timeout, maximum requests, and re‐auth period.