The unicast trigger function is used for clients that cannot initiate authentication
unsolicitedly and is suitable for networks not requiring all the clients to be authenticated.
The unicast trigger function can be used in combination with port security function, but
can not take effect in mac-else-userlogin-secure and mac-else-userlogin-secure-ext
modes.
The unicast trigger function can not take effect in dot1x port-method portbased and
port-security port-mode userlogin modes.
Enabling DHCP-triggered Authentication
After performing the following configuration, 802.1x allows running DHCP on access users,
and users are authenticated when they apply for dynamic IP addresses through DHCP.
Follow these steps to enable DHCP-triggered authentication:
To do...
Enter system view
Enable DHCP-triggered
authentication
Configuring Guest VLAN
Follow these steps to configure guest VLAN:
To do...
Enter system view
Configure port access method
Enable the
guest VLAN
function
system-view
dot1x dhcp-launch
system-view
dot1x port-method
portbased
In system
dot1x guest-vlan vlan-id
view
[ interface interface-list ]
interface interface-type
interface-number
In port view
dot1x guest-vlan vlan-id
quit
Use the command...
Use the command...
1-21
Remarks
—
Required
By default, DHCP-triggered
authentication is disabled.
Remarks
—
Required
The default port access
method is
MAC-address-based. That is,
the macbased keyword is
used by default.
Required
By default, the guest VLAN
function is disabled.