HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 111
dot1x mandatory-domain
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 111 highlights
By default, the function is disabled. The online user handshake security function is implemented based on the online user handshake function. To bring the security function into effect, make sure the online user handshake function is enabled. HP recommends you use the iNode client software and IMC server to guarantee the normal operation of the online user handshake security function. Related commands: dot1x handshake. Examples # Enable the online user handshake security function. system-view [Sysname] interface gigabitethernet 1/0/4 [Sysname-GigabitEthernet1/0/4] dot1x handshake secure dot1x mandatory-domain Syntax dot1x mandatory-domain domain-name View undo dot1x mandatory-domain Ethernet interface view Default level 2: System level Parameters domain-name: Specifies the ISP domain name, a case-insensitive string of 1 to 24 characters. Description Use dot1x mandatory-domain to specify a mandatory 802.1X authentication domain on a port. Use undo dot1x mandatory-domain to remove the mandatory authentication domain. By default, no mandatory authentication domain is specified. When authenticating an 802.1X user trying to access the port, the system selects an authentication domain in the following order: the mandatory domain, the ISP domain specified in the username, and the default ISP domain. To display or cut all 802.1X connections in a mandatory domain, use the display connection domain isp-name or cut connection domain isp-name command. The output from the display connection command without any parameters displays domain names input by users at login. For more information about the display connection command or the cut connection command, see "AAA configuration commands." Related commands: display dot1x. Examples # Configure the mandatory authentication domain my-domain for 802.1X users on GigabitEthernet 1/0/1. system-view [Sysname] interface gigabitethernet 1/0/1 102