What Is Monitor Mode - Dell PowerConnect 7048P Manual

port. The port is assigned a Guest VLAN ID and is moved to the authorized
status. Disabling the supplicant mode does not clear the ports that are already
authorized and assigned Guest VLAN IDs.

What is Monitor Mode?

The monitor mode is a special mode that can be enabled in conjunction with
802.1X authentication. It allows network access even in case where there is a
failure to authenticate but logs the results of the authentication process for
diagnostic purposes. Monitor mode provides a way for network administrators
to identify possible issues with the 802.1X configuration on the switch
without affecting the network access to the users of the switch.
The monitor mode can be configured globally on a switch. If the switch fails
to authenticate a user for any reason (for example, RADIUS access reject
from RADIUS server, RADIUS timeout, or the client itself is Dot1x unaware),
the client is authenticated and is undisturbed by the failure condition(s).
The reasons for failure are logged and buffered into the local logging database
for tracking purposes.
Table 19-1 provides a summary of the 802.1X Monitor Mode behavior.
Table 19-1. IEEE 802.1X Monitor Mode Behavior
Case
RADIUS/Local
Success
RADIUS/Local
Failure
Sub-case
Success
Incorrect NAS Port Port State: Deny
Invalid VLAN
Assignment
Invalid Filter-id
Bad RADIUS packet Port State: Deny
Default behavior
Configuring 802.1X and Port-Based Security
Regular Dot1x
Port State: Permit
VLAN: Assigned
Filter: Assigned
Port State: Deny
Port State: Deny
Port State: Deny
Dot1x Monitor Mode
Port State: Permit
VLAN: Assigned
Filter: Assigned
Port State: Permit
VLAN: Default
Port State: Permit
VLAN: Default
Port State: Permit
VLAN: Default
Port State: Permit
VLAN: Default
Port State: Permit
VLAN: Default
511