beautypg.com

4 authentication port, 5 force authorization – Siemens S223 User Manual

Page 67

background image

User Manual UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

A50010-Y3-C150-2-7619 67

4.5.1.4 Authentication

Port

After configuring 802.1x authentication mode, you should select the authentication port.

Command Mode

Description

dot1x nas-port

PORTS

Designates 802.1x authentication port.

no dot1x nas-port

PORTS

Global

Disables 802.1x authentication port.

4.5.1.5 Force

Authorization

The hiD 6615 S223/S323 can allow the users to request the access regardless of the au-
thentication from RADIUS server. For example, it is possible to configure not to be au-
thenticated from the server even though a client is authenticated from the server.

To manage the approval for the designated port, use the following command.

Command Mode

Description

dot1x port-control

{auto | force-

authorized

| force-unauthorized}

PORTS

Configures the way of authorization to control port
whether it has the RADIUS authentication or not.

no dot1x port-control

PORTS

Global

Deletes the configuration of the way of authorization to
control port.

auto: Follows the authentication of RADIUS server.

force-authorized: Gives the authorization to a client even though RADIUS server

didn’t approve it.

force-unauthorized: Don’t give the authorization to a client even though RADIUS

server authenticates it.

4.5.1.6

Configuring Interval for Retransmitting Request/Identity Packet

In hiD 6615 S223/S323, it is possible to specify how long the device waits for a client to
send back a response/identity packet after the device has sent a request/identity packet.
If the client does not send back a response/identity packet during this time, the device re-
transmits the request/identity packet.

To configure the number of seconds that the switch waits for a response to a re-
quest/identity packet, use the following command.

Command Mode

Description

dot1x timeout tx-period

<1-

65535> PORTS

Sets reattempt interval for requesting request/identity
packet.
1-65535: retransmit interval (default: 30)

no dot1x timeout tx-period

PORTS

Global

Disables the interval for requesting identity.

This manual is related to the following products: