Dell Force10 S50-01-GE-48T FTOS 8.4.2.6 Command Line Reference Guide for the E - Page 1308
dot1x guest-vlan, dot1x max-eap-req
View all Dell Force10 S50-01-GE-48T manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 1308 highlights
www.dell.com | support.dell.com dot1x guest-vlan c e s Configure a guest VLAN for limited access users or for devices that are not 802.1X capable. Syntax dot1x guest-vlan vlan-id To disable the guest VLAN, use the no dot1x guest-vlan vlan-id command. Parameters vlan-id Enter the VLAN Identifier. Range: 1 to 4094 Defaults Not configured Command Modes CONFIGURATION (conf-if-interface-slot/port) Command History Version 7.6.1.0 Introduced on C-Series, E-Series, and S-Series Usage 802.1X authentication is enabled when an interface is connected to the switch. If the host fails to Information respond within a designated amount of time, the authenticator places the port in the guest VLAN. If a device does not respond within 30 seconds, it is assumed that the device is not 802.1X capable. Therefore, a guest VLAN is allocated to the interface and authentication, for the device, will occur at the next re-authentication interval (dot1x reauthentication). If the host fails authentication for the designated amount of times, the authenticator places the port in authentication failed VLAN (dot1x auth-fail-vlan). Note: Layer 3 portion of guest VLAN and authentication fail VLANs can be created regardless if the VLAN is assigned to an interface or not. Once an interface is assigned a guest VLAN (which has an IP address), then routing through the guest VLAN is the same as any other traffic. However, interface may join/leave a VLAN dynamically. Related Commands dot1x auth-fail-vlan dot1x reauthentication show dot1x interface Configure a VLAN for authentication failures Enable periodic re-authentication Display the 802.1X information on an interface dot1x max-eap-req c e s Configure the maximum number of times an EAP (Extensive Authentication Protocol) request is transmitted before the session times out. Syntax dot1x max-eap-req number To return to the default, use the no dot1x max-eap-req command. Parameters number Enter the number of times an EAP request is transmitted before a session time-out. Range: 1 to 10 Default: 2 Defaults 2 1308 | Security