Avaya G250 Administration Manual page 68

Accessing the Avaya G250/G350 Media Gateway
2. Use the set port dot1x port-control command to change the 802.1x mode of an
individual port. This command must be followed by the module and port number, and the
802.1x mode.
For example, if a port is not in auto mode, you can use the following command to return
the port to auto mode:
G250-001(super)# set port dot1x port-control 10/4 auto
Done !
G250-001(super)#
G350-001(super)# set port dot1x port-control 6/3 auto
Done !
G350-001(super)#
3. Use the set port dot1x port-control command to configure the authentication
mode of the LAN port connected to the RADIUS server as force-authorize. This ensures
that the port remains open at all times, so that it will be able to transmit authentication
requests to the RADIUS server.
For example, if port 5 is the port that connects to the RADIUS server, enter the following
command:
G250-001(super)# set port dot1x port-control 10/5 force-authorize
Done !
G250-001(super)#
G350-001(super)# set port dot1x port-control 6/5 force-authorize
Done !
G350-001(super)#
4. Enter set dot1x system-auth-control enable to enable 802.1x authentication on
all ports set to auto mode.
G350-001(super)# set dot1x system-auth-control enable
To disable 802.1x authentication on the G250/G350, enter set dot1x
system-auth-control disable.
Once the authentication process is enabled, the process proceeds as follows:
The Supplicant is asked to supply a username and password.
●
If 802.1x authentication is enabled on the port, the Authenticator initiates
●
authentication when the link is up.
When authentication is completed, the Supplicant receives a Permit/Deny notification.
●
Authentication fails if:
●
- the Supplicant fails to respond to requests from the Authenticator
68 Administration for the Avaya G250 and Avaya G350 Media Gateways