beautypg.com

Dot1x port-control, Dot1x re- authentication, Dot1x re-authentication – LevelOne GTL-2691 User Manual

Page 904

background image

C

HAPTER

28

| Authentication Commands

802.1X Port Authentication

– 904 –

dot1x port-control

This command sets the dot1x mode on a port interface. Use the no form to

restore the default.

S

YNTAX

dot1x port-control {auto | force-authorized |

force-unauthorized}

no dot1x port-control

auto – Requires a dot1x-aware connected client to be authorized by

the RADIUS server. Clients that are not dot1x-aware will be denied

access.
force-authorized – Configures the port to grant access to all

clients, either dot1x-aware or otherwise.
force-unauthorized Configures the port to deny access to all

clients, either dot1x-aware or otherwise.

D

EFAULT

force-authorized

C

OMMAND

M

ODE

Interface Configuration

E

XAMPLE

Console(config)#interface eth 1/2

Console(config-if)#dot1x port-control auto

Console(config-if)#

dot1x re-

authentication

This command enables periodic re-authentication for a specified port. Use

the no form to disable re-authentication.

S

YNTAX

[no] dot1x re-authentication

C

OMMAND

M

ODE

Interface Configuration

C

OMMAND

U

SAGE

The re-authentication process verifies the connected client’s user ID

and password on the RADIUS server. During re-authentication, the

client remains connected the network and the process is handled

transparently by the dot1x client software. Only if re-authentication

fails is the port blocked.

The connected client is re-authenticated after the interval specified by

the

dot1x timeout re-authperiod

command. The default is 3600

seconds.