3Com Switch 4500 Family Manual page 337
4500 series
Hide thumbs
Also See for Switch 4500 Family:
- Configuration manual (742 pages) ,
- Getting started manual (134 pages) ,
- Quick reference manual (17 pages)
Table of Contents
Advertisement
The proxy checking function takes effect on a port only when the function is enabled both globally and
on the port.
802.1x proxy checking checks for:
Users logging in through proxies
Users logging in through IE proxies
Whether or not a user logs in through multiple network adapters (that is, when the user attempts to
log in, it contains more than one active network adapters.)
A switch can optionally take the following actions in response to any of the above three cases:
Only disconnects the user but sends no Trap packets, which can be achieved by using the dot1x
supp-proxy-check logoff command.
Sends Trap packets without disconnecting the user, which can be achieved by using the dot1x
supp-proxy-check trap command.
This function needs the cooperation of 802.1x clients and the CAMS server:
Multiple network adapter checking, proxy checking, and IE proxy checking are enabled on the
802.1x client.
The CAMS server is configured to disable the use of multiple network adapters, proxies, and IE
proxy.
By default, proxy checking is disabled on 802.1x client. In this case, if you configure the CAMS server to
disable the use of multiple network adapters, proxies, and IE proxy, it sends messages to the 802.1x
client to ask the latter to disable the use of multiple network adapters, proxies, and IE proxy after the
user passes the authentication.
The 802.1x proxy checking function needs the cooperation of H3C's 802.1x client program.
The proxy checking function takes effect only after the client version checking function is enabled
on the switch (using the dot1x version-check command).
Related commands: display dot1x.
Examples
# Configure to disconnect the users connected to Ethernet 1/0/1 through Ethernet 1/0/8 ports if they are
detected logging in through proxies.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] dot1x supp-proxy-check logoff
[Sysname] dot1x supp-proxy-check logoff interface Ethernet 1/0/1 to Ethernet 1/0/8
# Configure the switch to send Trap packets if the users connected to Ethernet 1/0/9 port is detected
logging in through proxies.
[Sysname] dot1x supp-proxy-check trap
[Sysname] dot1x supp-proxy-check trap interface Ethernet 1/0/9
1-16
Advertisement
Chapters
Table of Contents
