beautypg.com

6 dot1x eapor enable, 7 dot1x enable, X eapor enable – PLANET XGS3-24040 User Manual

Page 753: X enable

background image

Commands for Security Function Chapter 2 Commands for 802.1x

42-25

authentication user by the MAC address. Only the authentication request initialed by the users in the

dot1x address filter table will be accepted, the rest will be rejected.

Example: Adding MAC address 00-01-34-34-2e-0a to the filter table of Ethernet 1/5.

Switch(config)#dot1x accept-mac 00-01-34-34-2e-0a interface ethernet 1/5

42.6 dot1x eapor enable

Command: dot1x eapor enable

no dot1x eapor enable

Function: Enables the EAP relay authentication function in the switch; the “no dot1x eapor enable”

command sets EAP local end authentication.

Command mode: Global Mode.

Default: EAP relay authentication is used by default.

Usage Guide: The switch and RADIUS may be connected via Ethernet or PPP. If an Ethernet connection

exists between the switch and RADIUS server, the switch needs to authenticate the user by EAP relay

(EAPoR authentication); if the switch connects to the RADIUS server by PPP, the switch will use EAP

local end authentication (CHAP authentication). The switch should use different authentication methods

according to the connection between the switch and the authentication server.

Example: Setting EAP local end authentication for the switch.

Switch(config)#no dot1x eapor enable

42.7 dot1x enable

Command: dot1x enable

no dot1x enable

Function: Enables the 802.1x function in the switch and ports: the "no dot1x enable" command disables

the 802.1x function.

Command mode: Global Mode and Port Mode.

Default: 802.1x function is not enabled in global mode by default; if 802.1x is enabled under Global

Mode, 802.1x will not be enabled for the ports by default.

Usage Guide: The 802.1x authentication for the switch must be enabled first to enable 802.1x

authentication for the respective ports. If Spanning Tree or MAC binding is enabled on the port, or the

port is a Trunk port or member of port aggregation group, 802.1x function cannot be enabled for that port

unless such conditions are removed.

Example: Enabling the 802.1x function of the switch and enable 802.1x for port1/12.

Switch(config)#dot1x enable

Switch(config)#interface ethernet 1/12

Switch(Config-If-Ethernet1/12)#dot1x enable

See also other documents in the category PLANET Routers: