Table of Contents
Advertisement
Configuring Port Settings for 802.1X
When 802.1X is enabled, you need to configure the parameters for the
authentication process that runs between the client and the switch (i.e.,
authenticator), as well as the client identity lookup process that runs
between the switch and authentication server. These parameters are
described in this section.
Command Attributes
•
Status – Indicates if authentication is enabled or disabled on the port.
(Default: Disabled)
•
Operation Mode – Allows single or multiple hosts (clients) to connect
to an 802.1X-authorized port. (Range: Single-Host, Multi-Host;
Default: Single-Host)
•
Max Count – The maximum number of hosts that can connect to a
port when the Multi-Host operation mode is selected.
(Range: 1-1024; Default: 5)
•
Mode – Sets the authentication mode to one of the following options:
- Auto – Requires a dot1x-aware client to be authorized by the
authentication server. Clients that are not dot1x-aware will be denied
access.
- Force-Authorized – Forces the port to grant access to all clients,
either dot1x-aware or otherwise. (This is the default setting.)
- Force-Unauthorized – Forces the port to deny access to all clients,
either dot1x-aware or otherwise.
•
Re-authentication – Sets the client to be re-authenticated after the
interval specified by the Re-authentication Period. Re-authentication
can be used to detect if a new device is plugged into a switch port.
(Default: Disabled)
•
Max Request – Sets the maximum number of times the switch port
will retransmit an EAP request packet to the client before it times out
the authentication session. (Range: 1-10; Default 2)
U
A
SER
UTHENTICATION
3-97
Advertisement
Table of Contents
