Configuring authenticator ports, Designating authenticator ports, Designating the authentication methods – Allied Telesis AT-8100 Series User Manual

AT-8100 Switch Command Line User’s Guide

1079

Configuring Authenticator Ports

Designating

Authenticator

Ports

You have to designate ports as authenticator ports before you can
configure their settings. There are three DOT1X PORT-CONTROL
commands for designating authenticator ports.

The DOT1X PORT-CONTROL AUTO command designates ports such
that they immediately begin to function as authenticator ports, blocking all
traffic until supplicants successfully authenticate. This example of the
command configures ports 1.0.1 and 1.0.5 to immediately commence
functioning as authenticator ports.

awplus> enable
awplus# configure terminal
awplus(config)# interface port1.0.1,port1.0.5
awplus(config-if)# dot1x port-control auto

Caution

Using the DOT1X PORT-CONTROL AUTO command when the
switch is part of a live network interrupts network operations
because the designated ports stop forwarding traffic until the
supplicants log on.

Designating the

Authentication

Methods

A port can be configured for either 802.1x authentication or MAC based
authentication.

To enable 802.1x authentication, use the DOTX PORT-CONTROL AUTO
command. To configure a port to the MAC address authentication method,
use the AUTH-MAC ENABLE command. This example configures port
1.0.16 as an authenticator port that uses the MAC address authentication
method:

awplus> enable
awplus# configure terminal
awplus(config)# aaa authentication auth-mac default group
radius
awplus(config)# radius-server host 176.225.15.23 key abt54
awplus(config)# interface port1.0.16
awplus(config-if)# auth-mac enable

If, after configuring an authenticator port for MAC address authentication,
you decide to change it back to 802.1x authentication, use the NO AUTH-
MAC ENABLE command and then use the DOTX PORT-CONTROL
AUTO command. This example of the command restores 802.1x
authentication to port 1.0.12: