18 port based network access control configuration – Asus GigaX3124 User Manual

GigaX3124 Layer3 Switch CLI Command Reference

217

18 Port based Network Access

Control Configuration:

18.1 dot1x guest-vlan <1-3000>

Syntax

dot1x guest-vlan <1-3000>

Parameters

<1-3000> valid vlan-id range is from 1 to 3000

Command Mode Interface configuration mode
No/clear

no dot1x guest-vlan

Show

show dot1x / show dot1x interface IFNAME

Default

No default guest vlan

Description

Use the dot1x guest-vlan interface configuration command

on the switch stack or on a standalone switch to specify an

active VLAN as an 802.1X guest VLAN. Use the no form of this

command to return to the default setting.

Example

ASUS(config)# interface gi1/0/1

ASUS(config-if)# dot1x guest-vlan 2

18.2 dot1x port-control (auto| force-authorized|

force-unauthorized)

Syntax

dot1x port-control (auto| force-authorized| force-unauthorized)

Parameters

auto Enables 802.1x port-based authentication and causes the

port to begin in the unauthorized state, allowing only

EAPOL frames to be sent and received through the port

force-authorized Disables 802.1x port-based authentication

and causes the port to transition to the authorized state

without any authentication exchange required

force-unauthorized Causes the port to remain in the

unauthorized state, ignoring all attempts by the client

to authenticate