Dot1x operation- mode, Dot1x operation-mode – LevelOne GTL-2691 User Manual
Page 903
C
HAPTER
28
| Authentication Commands
802.1X Port Authentication
– 903 –
dot1x operation-
mode
This command allows hosts (clients) to connect to an 802.1X-authorized
port. Use the no form with no keywords to restore the default to single
host. Use the no form with the multi-host max-count keywords to
restore the default maximum count.
S
YNTAX
dot1x operation-mode {single-host |
multi-host [max-count count] | mac-based-auth}
no dot1x operation-mode [multi-host max-count]
single-host – Allows only a single host to connect to this port.
multi-host – Allows multiple host to connect to this port.
max-count – Keyword for the maximum number of hosts.
count – The maximum number of hosts that can connect to a
port. (Range: 1-1024; Default: 5)
mac-based – Allows multiple hosts to connect to this port, with
each host needing to be authenticated.
D
EFAULT
Single-host
C
OMMAND
M
ODE
Interface Configuration
C
OMMAND
U
SAGE
◆
The “max-count” parameter specified by this command is only effective
if the dot1x mode is set to “auto” by the
command.
◆
In “multi-host” mode, only one host connected to a port needs to pass
authentication for all other hosts to be granted network access.
Similarly, a port can become unauthorized for all hosts if one attached
host fails re-authentication or sends an EAPOL logoff message.
◆
In “mac-based-auth” mode, each host connected to a port needs to
pass authentication. The number of hosts allowed access to a port
operating in this mode is limited only by the available space in the
secure address table (i.e., up to 1024 addresses).
E
XAMPLE
Console(config)#interface eth 1/2
Console(config-if)#dot1x operation-mode multi-host max-count 10
Console(config-if)#