Home » TP-Link Manuals » Hubs & Switches » TP-Link T1500G-8T » Manual Viewer

TP-Link T1500G-8T T1500G-10PSUN V1 CLI Reference Guide Guide - Page 110

IEEE 802.1X Commands

Add to My Manuals
Save this manual to your list of manuals

Page 110 highlights

Chapter 13 IEEE 802.1X Commands IEEE 802.1X function is to provide an access control for LAN ports via the authentication. An 802.1X system include three entities: supplicant, authenticator and authentication server.  Supplicant: the device that requests access to the LAN.  Authentication server: performs the actual authentication of the supplicant. It validates the identity of the supplicant and notifies the authenticator whether or not the supplicant is authorized to access the LAN.  Authenticator: controls the physical access to the network based on the authentication status of the supplicant. It is usually an 802.1X-supported network device, such as this TP-Link switch. It acts as an intermediary (proxy) between the supplicant and the authentication server, requesting identity information from the supplicant, verifying that information with the authentication server, and relaying a response to the supplicant. This chapter handles with the authentication process between the supplicant and the switch. To realize the authentication and accounting function, you should also enbable the AAA function and configure the RADIUS server. Go to Chapter 34 AAA Commands for more details. 13.1 dot1x system-auth-control Description The dot1x system-auth-control command is used to enable the IEEE 802.1X function globally. To disable the IEEE 802.1X function, please use no dot1x system-auth-control command. Syntax dot1x system-auth-control no dot1x system-auth-control Command Mode Global Configuration Mode Privilege Requirement Only Admin, Operator and Power User level users have access to these commands. Example Enable the IEEE 802.1X function: 97

Section	Page
Preface	14
Chapter 1 Using the CLI	17
1.1 Accessing the CLI	17
1.1.1 Logon by Telnet	17
1.1.2 Logon by SSH	18
1.2 CLI Command Modes	23
1.3 Privilege Restrictions	27
1.4 Conventions	27
1.4.1 Format Conventions	27
1.4.2 Special Characters	27
1.4.3 Parameter Format	28
Chapter 2 User Interface	29
2.1 enable	29
2.2 enable-admin	29
2.3 service password-encryption	30
2.4 enable password	31
2.5 enable secret	32
2.6 configure	33
2.7 exit	33
2.8 end	34
2.9 history	34
2.10 history clear	35
Chapter 3 IEEE 802.1Q VLAN Commands	36
3.1 vlan	36
3.2 interface vlan	37
3.3 name	37
3.4 switchport general allowed vlan	38
3.5 switchport pvid	39
3.6 show vlan summary	39
3.7 show vlan brief	40
3.8 show vlan	40
3.9 show interface switchport	41
Chapter 4 Voice VLAN Commands	42
4.1 voice vlan	42
4.2 voice vlan aging	42
4.3 voice vlan priority	43
4.4 voice vlan mac-address	44
4.5 switchport voice vlan mode	45
4.6 switchport voice vlan security	45
4.7 show voice vlan	46
4.8 show voice vlan oui	46
4.9 show voice vlan switchport	47
Chapter 5 Etherchannel Commands	49
5.1 channel-group	49
5.2 port-channel load-balance	50
5.3 lacp system-priority	51
5.4 lacp port-priority	52
5.5 show etherchannel	52
5.6 show etherchannel load-balance	53
5.7 show lacp	54
5.8 show lacp sys-id	54
Chapter 6 User Management Commands	56
6.1 user name (password)	56
6.2 user name (secret)	57
6.3 user access-control ip-based	58
6.4 user access-control mac-based	59
6.5 user access-control port-based	60
6.6 telnet	61
6.7 show user account-list	61
6.8 show user configuration	62
6.9 show telnet-status	62
Chapter 7 HTTP and HTTPS Commands	64
7.1 ip http server	64
7.2 ip http max-users	65
7.3 ip http session timeout	66
7.4 ip http secure-server	66
7.5 ip http secure-protocol	67
7.6 ip http secure-ciphersuite	68
7.7 ip http secure-max-users	68
7.8 ip http secure-session timeout	69
7.9 ip http secure-server download certificate	70
7.10 ip http secure-server download key	71
7.11 show ip http configuration	72
7.12 show ip http secure-server	72
Chapter 8 Binding Table Commands	74
8.1 ip source binding	74
8.2 ip dhcp snooping	75
8.3 ip dhcp snooping vlan	76
8.4 ip dhcp snooping information option	77
8.5 ip dhcp snooping information strategy	77
8.6 ip dhcp snooping information remote-id	78
8.7 ip dhcp snooping information circuit-id	79
8.8 ip dhcp snooping trust	80
8.9 ip dhcp snooping mac-verify	80
8.10 ip dhcp snooping limit rate	81
8.11 ip dhcp snooping decline rate	82
8.12 show ip source binding	83
8.13 show ip dhcp snooping	83
8.14 show ip dhcp snooping interface	84
8.15 show ip dhcp snooping information interface	84
Chapter 9 ARP Inspection Commands	86
9.1 ip arp inspection(global)	86
9.2 ip arp inspection trust	86
9.3 ip arp inspection(interface)	87
9.4 ip arp inspection limit-rate	88
9.5 ip arp inspection recover	89
9.6 show ip arp inspection	89
9.7 show ip arp inspection interface	90
9.8 show ip arp inspection statistics	90
9.9 clear ip arp inspection statistics	91
Chapter 10 DoS Defend Commands	92
10.1 ip dos-prevent	92
10.2 ip dos-prevent type	92
10.3 show ip dos-prevent	94
Chapter 11 System Log Commands	95
11.1 logging buffer	95
11.2 logging buffer level	95
11.3 logging file flash	96
11.4 logging file flash frequency	97
11.5 logging file flash level	98
11.6 logging host index	98
11.7 logging monitor	99
11.8 logging monitor level	100
11.9 clear logging	101
11.10 show logging local-config	101
11.11 show logging loghost	102
11.12 show logging buffer	102
11.13 show logging flash	103
Chapter 12 SSH Commands	104
12.1 ip ssh server	104
12.2 ip ssh version	104
12.3 ip ssh algorithm	105
12.4 ip ssh timeout	106
12.5 ip ssh max-client	106
12.6 ip ssh download	107
12.7 remove public-key	108
12.8 show ip ssh	108
Chapter 13 IEEE 802.1X Commands	110
13.1 dot1x system-auth-control	110
13.2 dot1x handshake	111
13.3 dot1x auth-method	111
13.4 dot1x accounting	112
13.5 dot1x guest-vlan(global)	113
13.6 dot1x quiet-period	114
13.7 dot1x timeout	114
13.8 dot1x max-reauth-req	115
13.9 dot1x	116
13.10 dot1x guest-vlan(interface)	117
13.11 dot1x port-control	117
13.12 dot1x port-method	118
13.13 show dot1x global	119
13.14 show dot1x interface	120
Chapter 14 MAC Address Commands	121
14.1 mac address-table static	121
14.2 mac address-table aging-time	122
14.3 mac address-table filtering	122
14.4 mac address-table notification	123
14.5 mac address-table notification (interface)	124
14.6 mac address-table max-mac-count	125
14.7 mac address-table security	127
14.8 show mac address-table	127
14.9 clear mac address-table	128
14.10 show mac address-table aging-time	129
14.11 show mac address-table max-mac-count	129
14.12 show mac address-table interface	130
14.13 show mac address-table count	130
14.14 show mac address-table address	131
14.15 show mac address-table vlan	132
14.16 show mac address-table notification	132
14.17 show mac address-table security	133
Chapter 15 System Configuration Commands	134
15.1 system-time manual	134
15.2 system-time ntp	134
15.3 system-time dst predefined	136
15.4 system-time dst date	137
15.5 system-time dst recurring	138
15.6 hostname	139
15.7 location	140
15.8 contact-info	140
15.9 ip address	141
15.10 ip address-alloc	142
15.11 reset	143
15.12 reboot	143
15.13 copy running-config startup-config	144
15.14 copy startup-config tftp	144
15.15 copy tftp startup-config	145
15.16 boot application	146
15.17 remove backup-image	146
15.18 firmware upgrade	147
15.19 ping	148
15.20 tracert	149
15.21 show system-info	150
15.22 show image-info	150
15.23 show running-config	151
15.24 show startup-config	151
15.25 show system-time	152
15.26 show system-time dst	152
15.27 show system-time ntp	153
15.28 show cable-diagnostics interface gigabitEthernet	153
15.29 show cpu-utilization	154
15.30 show memory-utilization	154
Chapter 16 Ethernet Configuration Commands	156
16.1 interface gigabitEthernet	156
16.2 interface range gigabitEthernet	156
16.3 description	157
16.4 shutdown	158
16.5 flow-control	158
16.6 duplex	159
16.7 jumbo-size	160
16.8 speed	160
16.9 storm-control	161
16.10 bandwidth	162
16.11 clear counters	162
16.12 show interface status	163
16.13 show interface counters	164
16.14 show interface configuration	164
16.15 show storm-control	165
16.16 show bandwidth	166
Chapter 17 QoS Commands	167
17.1 qos	167
17.2 qos cos	167
17.3 qos dscp	168
17.4 qos queue cos-map	169
17.5 qos queue dscp-map	170
17.6 qos queue mode	171
17.7 show qos interface	172
17.8 show qos cos-map	172
17.9 show qos dscp-map	173
17.10 show qos queue mode	173
17.11 show qos status	174
Chapter 18 Port Mirror Commands	175
18.1 monitor session destination interface	175
18.2 monitor session source interface	176
18.3 show monitor session	177
Chapter 19 Port Isolation Commands	178
19.1 port isolation	178
19.2 show port isolation interface	179
Chapter 20 Loopback Detection Commands	180
20.1 loopback-detection(global)	180
20.2 loopback-detection interval	180
20.3 loopback-detection recovery-time	181
20.4 loopback-detection(interface)	182
20.5 loopback-detection config	182
20.6 loopback-detection recover	183
20.7 show loopback-detection global	184
20.8 show loopback-detection interface	184
Chapter 21 ACL Commands	186
21.1 access-list create	186
21.2 mac access-list	186
21.3 access-list standard	187
21.4 access-list extended	188
21.5 rule	189
21.6 access-list policy name	190
21.7 access-list policy action	191
21.8 access-list bind acl(interface)	191
21.9 access-list bind acl(vlan)	192
21.10 access-list bind(interface)	192
21.11 access-list bind(vlan)	193
21.12 show access-list	194
21.13 show access-list policy	194
21.14 show access-list bind	195
Chapter 22 PoE Commands	196
22.1 power inline consumption (global)	196
22.2 power profile	197
22.3 power time-range	198
22.4 absolute	198
22.5 periodic	199
22.6 power holiday	201
22.7 holiday	201
22.8 power inline consumption (interface)	202
22.9 power inline priority	203
22.10 power inline supply	204
22.11 power inline profile	204
22.12 power inline time-range	205
22.13 show power inline	206
22.14 show power inline configuration interface	206
22.15 show power inline information interface	207
22.16 show power profile	207
22.17 show power holiday	208
22.18 show power time-range	208
Chapter 23 MSTP Commands	209
23.1 debug spanning-tree	209
23.2 spanning-tree(global)	210
23.3 spanning-tree(interface)	210
23.4 spanning-tree common-config	211
23.5 spanning-tree mode	212
23.6 spanning-tree mst configuration	213
23.7 instance	214
23.8 name	214
23.9 revision	215
23.10 spanning-tree mst instance	216
23.11 spanning-tree mst	216
23.12 spanning-tree priority	217
23.13 spanning-tree timer	218
23.14 spanning-tree hold-count	219
23.15 spanning-tree max-hops	219
23.16 spanning-tree bpdufilter	220
23.17 spanning-tree bpduguard	221
23.18 spanning-tree guard loop	221
23.19 spanning-tree guard root	222
23.20 spanning-tree guard tc	223
23.21 spanning-tree mcheck	223
23.22 show spanning-tree active	224
23.23 show spanning-tree bridge	224
23.24 show spanning-tree interface	225
23.25 show spanning-tree interface-security	226
23.26 show spanning-tree mst	226
Chapter 24 IGMP Snooping Commands	228
24.1 ip igmp snooping(global)	228
24.2 ip igmp snooping(interface)	228
24.3 ip igmp snooping rtime	229
24.4 ip igmp snooping mtime	230
24.5 ip igmp snooping report-suppression	230
24.6 ip igmp snooping immediate-leave	231
24.7 ip igmp snooping drop-unknown	231
24.8 ip igmp snooping last-listener query-inteval	232
24.9 ip igmp snooping last-listener query-count	233
24.10 ip igmp snooping vlan-config	233
24.11 ip igmp snooping vlan-config (router-ports-forbidden)	235
24.12 ip igmp snooping multi-vlan-config	236
24.13 ip igmp snooping multi-vlan-config (router-ports-forbidden)	237
24.14 ip igmp snooping multi-vlan-config (source-ip-replace)	238
24.15 ip igmp snooping querier vlan	238
24.16 ip igmp snooping querier vlan (general query)	239
24.17 ip igmp snooping max-groups	240
24.18 ip igmp profile	241
24.19 deny	242
24.20 permit	242
24.21 range	243
24.22 ip igmp filter	243
24.23 clear ip igmp snooping statistics	244
24.24 show ip igmp snooping	245
24.25 show ip igmp snooping interface	245
24.26 show ip igmp snooping vlan	246
24.27 show ip igmp snooping multi-vlan	246
24.28 show ip igmp snooping groups vlan	247
24.29 show ip igmp snooping groups	248
24.30 show ip igmp snooping querier	249
24.31 show ip igmp profile	249
Chapter 25 SNMP Commands	251
25.1 snmp-server	251
25.2 snmp-server view	251
25.3 snmp-server group	252
25.4 snmp-server user	254
25.5 snmp-server community	255
25.6 snmp-server host	256
25.7 snmp-server engineID	258
25.8 snmp-server traps snmp	258
25.9 snmp-server traps link-status	259
25.10 snmp-server traps	260
25.11 snmp-server traps vlan	261
25.12 rmon history	262
25.13 rmon event	263
25.14 rmon alarm	264
25.15 rmon statistics	265
25.16 show snmp-server	266
25.17 show snmp-server view	267
25.18 show snmp-server group	267
25.19 show snmp-server user	268
25.20 show snmp-server community	268
25.21 show snmp-server host	268
25.22 show snmp-server engineID	269
25.23 show rmon history	269
25.24 show rmon event	270
25.25 show rmon alarm	271
25.26 show rmon statistics	271
Chapter 26 LLDP Commands	273
26.1 lldp	273
26.2 lldp hold-multiplier	273
26.3 lldp timer	274
26.4 lldp receive	275
26.5 lldp transmit	276
26.6 lldp snmp-trap	276
26.7 lldp tlv-select	277
26.8 lldp med-fast-count	278
26.9 lldp med-status	278
26.10 lldp med-tlv-select	279
26.11 lldp med-location	280
26.12 show lldp	281
26.13 show lldp interface	281
26.14 show lldp local-information interface	282
26.15 show lldp neighbor-information interface	282
26.16 show lldp traffic interface	283
Chapter 27 AAA Commands	284
27.1 aaa enable	284
27.2 enable admin password	285
27.3 enable admin secret	286
27.4 tacacas-server host	287
27.5 show tacacs-server	288
27.6 radius-server host	289
27.7 show radius-server	290
27.8 aaa group	291
27.9 server	291
27.10 show aaa group	292
27.11 aaa authentication login	293
27.12 aaa authentication enable	294
27.13 aaa authentication dot1x default	295
27.14 aaa accounting dot1x default	295
27.15 show aaa authentication	296
27.16 show aaa accounting	297
27.17 line telnet	297
27.18 login authentication(telnet)	298
27.19 line ssh	298
27.20 login authentication(ssh)	299
27.21 enable authentication(telnet)	300
27.22 enable authentication(ssh)	300
27.23 ip http login authentication	301
27.24 ip http enable authentication	302

Match case Limit results 1 per page

Chapter 13

IEEE 802.1X Commands

IEEE 802.1X function is to provide an access control for LAN ports via the authentication. An

802.1X system include three entities: supplicant, authenticator and authentication server.



Supplicant: the device that requests access to the LAN.



Authentication server: performs the actual authentication of the supplicant. It validates the

identity of the supplicant and notifies the authenticator whether or not the supplicant is

authorized to access the LAN.



Authenticator: controls the physical access to the network based on the authentication

status of the supplicant. It is usually an 802.1X-supported network device, such as this

TP-Link switch. It acts as an intermediary (proxy) between the supplicant and the

authentication server, requesting identity information from the supplicant, verifying that

information with the authentication server, and relaying a response to the supplicant.

This chapter handles with the authentication process between the supplicant and the switch.

To realize the authentication and accounting function, you should also enbable the AAA

function and configure the RADIUS server. Go to

Chapter 34 AAA Commands

for more details.

13.1

dot1x system-auth-control

Description

The

dot1x

system-auth-control

command is used to enable the IEEE 802.1X

function globally. To disable the IEEE 802.1X function, please use

no dot1x

system-auth-control

command.

Syntax

dot1x system-auth-control

no dot1x system-auth-control

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these

commands.

Example

Enable the IEEE 802.1X function: