Dell Force10 C150 Configuration Manual page 120
Ftos configuration guide ftos 8.4.2.7 e-series terascale, c-series, s-series (s50/s25)
Hide thumbs
Also See for Force10 C150:
- Manual (57 pages) ,
- Manual (66 pages) ,
- Quick start manual (33 pages)
Table of Contents
Advertisement
Figure 7-11
802.1X before you connect the end-user device (black and blue text), and after you connect the device (red
text).
The blue text corresponds to the numbered steps on page 119. Note that the GigabitEthernet 1/11 port, on
which dynamic VLAN assignment with 802.1X is configured, is initially an untagged member of VLAN
300. After a successful 802.1x authentication with dynamic VLAN configuration, the port becomes an
untagged member of VLAN 400 (assigned by the RADIUS server during authentication).
Figure 7-11. Dynamic VLAN Assignment with 802.1X
***After authentication***
Force10#show dot1x interface gigabitethernet 1/11
802.1x information on Gi 1/11:
-----------------------------
Dot1x Status:
Enable
Port Control:
AUTO
Port Auth Status:
AUTHORIZED
Re-Authentication: Disable
Untagged VLAN id: 400
Tx Period:
30 seconds
Quiet Period:
60 seconds
ReAuth Max:
Supplicant Timeout: 30 seconds
Server Timeout:
Re-Auth Interval:
Max-EAP-Req:
Auth Type:
Auth PAE State:
Backend State:
Note: In the
dynamically-assigned VLAN are the same, the 802.1x-authorized port is displayed with U for Untagged.
If the two VLANs are not the same, the 802.1x-authorized port is displayed with x for Dot1X untagged.
120
|
802.1X
shows the configuration on a Dell Force10 switch that uses dynamic VLAN assignment with
End-user Device
4
2
30 seconds
3600 seconds
2
SINGLE_HOST
Authenticated
Idle
command output, if the statically-configured VLAN and the 802.1X
show vlan
Force10(conf-if-gi-1/11)#show config
interface GigabitEthernet 1/11
no ip address
switchport
2
dot1x authentication
1
no shutdown
Force10 switch
1/11
Force10(conf-if-vl-400)# show config
interface Vlan 400
3
no ip address
shutdown
Force10#show vlan
Codes: * - Default VLAN, G - GVRP VLANs
Q: U - Untagged, T - Tagged
x - Dot1x untagged, X - Dot1x tagged
G - GVRP tagged
NUM Status Description
* 1
Inactive
300
Inactive
400
Inactive
***After authentication***
Force10#show vlan
Codes: * - Default VLAN, G - GVRP VLANs
Q: U - Untagged, T - Tagged
x - Dot1x untagged, X - Dot1x tagged
G - GVRP tagged
NUM Status Description
* 1
Inactive
300
In active
400
Active
***After disconnectiong the end-user device, the GigabitEthernet 1/11
port is re-assigned to VLAN 300.
Force10(conf-if-vl-300)#show config
interface Vlan 300
no ip address
untagged GigabitEthernet 1/11
shutdown
RADIUS Server
1
radius-server host 10.11.197.169
auth-port 1645
key 7 387a7f2df5969da4
Q Ports
U Gi 1/11
Q Ports
x Gi 1/11
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
