Dell Force10 S25N-S50N FTOS Command Line Reference Guide FTOS 8.4.2.7 E-Series - Page 189
X, Important Points to Remember
View all Dell Force10 S25N-S50N manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 189 highlights
8 802.1X The 802.1X Port Authentication commands are: • debug dot1x • dot1x auth-type mab-only • dot1x authentication (Interface) • dot1x auth-fail-vlan • dot1x auth-server • dot1x guest-vlan • dot1x host-mode • dot1x mac-auth-bypass • dot1x max-eap-req • dot1x max-supplicants • dot1x port-control • dot1x quiet-period • dot1x reauthentication • dot1x reauth-max • dot1x server-timeout • dot1x supplicant-timeout • dot1x tx-period • show dot1x cos-mapping interface • show dot1x interface An authentication server must authenticate a client connected to an 802.1X switch port. Until the authentication, only EAPOL (Extensible Authentication Protocol over LAN) traffic is allowed through the port to which a client is connected. Once authentication is successful, normal traffic passes through the port. FTOS supports RADIUS and Active Directory environments using 802.1X Port Authentication. Important Points to Remember FTOS limits network access for certain users by using VLAN assignments. 802.1X with VLAN assignment has these characteristics when configured on the switch and the RADIUS server. • 802.1X is supported on C-Series, E-Series, and S-Series. • 802.1X is not supported on the LAG or the channel members of a LAG. • If no VLAN is supplied by the RADIUS server or if 802.1X authorization is disabled, the port is configured in its access VLAN after successful authentication. • If 802.1X authorization is enabled but the VLAN information from the RADIUS server is not valid, the port returns to the unauthorized state and remains in the configured access VLAN. This prevents ports from appearing unexpectedly in an inappropriate VLAN due to a configuration error. Configuration errors create an entry in Syslog. 802.1X | 189