beautypg.com

Auth roaming disconnected – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1141

background image

Authentication Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

43.15

auth roaming disconnected

This command enables the roaming authentication feature on an authenticated interface
that is link down. A supplicant (a client device) is not reauthenticated when moved
between authenticated interfaces, providing both interfaces have the roaming
authentication feature enabled before the supplicant is moved.

Use the

auth roaming enable

command before using this command. The

auth roaming

disconnected

command on its own will have no effect on the operation of the switch.

This command will only come into effect once the base Roaming Authentication feature is
enabled, using the

auth roaming enable

command.

The no variant of this command disables the roaming authentication feature on an
interface, and forces a supplicant to be reauthenticated when moving between interfaces.

See

“Web-Authentication” on page 42.4

for further information about this feature.

Syntax

auth roaming disconnected

no auth roaming disconnected

Default

The roaming authentication disconnected feature is disabled by default on an
interface. Authentication status for a roaming supplicant is deleted by default when an
interface goes down.

Mode

Interface Configuration for a static channel, a dynamic (LACP) channel group, or a switch
port.

Usage

This command allows a supplicant to move to another authenticating interface without
reauthentication, if the link is down for the interface that the supplicant is moved from.

Note that 802.1X port authentication, or MAC authentication, or Web Authentication must
first be enabled on an interface to use this feature. The port that the supplicant is moving
to must have the same authentication configuration as the port the supplicant is moving
from.

Configure

auth roaming enable

on an interface before configuring

auth roaming

disconnected

if you require

auth roaming disconnected

configured on an interface for a

roaming supplicant.

Roaming authentication cannot be enabled if DHCP snooping is enabled (

service dhcp-

snooping command on page 56.24

), and vice versa.

Examples

To enable roaming authentication disconnected feature for port1.0.2, after
enabling 802.1x authentication and enabling roaming authentication enable, use the
commands:

awplus#

configure terminal

awplus(config)#

interface port1.0.2

awplus(config-if)#

dot1x port-control auto

awplus(config-if)#

auth roaming enable

awplus(config-if)#

auth roaming disconnected

See also other documents in the category Allied Telesis Computer hardware: