Yamaha 10G SWR2310-28GT/18GT/10G Command Reference - Page 145
Set re-authentication
View all Yamaha 10G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 145 highlights
Operation mode single-host multi-host multi-supplicant Command Reference | Interface control | 145 Description This mode allows communications for only one supplicant per port. Only the first supplicant that passes authentication is allowed. This mode allows communication with multiple supplicants for each port. If the first supplicant passes authentication, all other supplicants of the same port will be allowed to communicate without authentication. This mode allows communication with multiple supplicants for each port. Communication is allowed or denied on a per-supplicant basis. [Initial value] auth host-mode single-host [Input mode] interface mode [Description] Changes the port authentication operation mode for the applicable interface. If this command is executed with the "no" syntax, the setting returns to the default. [Note] This command can be specified only for both LAN/SFP port and logical interface. Changing the settings for this command will make the authentication state return to the default. When using dynamic VLAN in multi-supplicant mode, the VLAN can be specified for individual supplicants. When using dynamic VLAN in multi-host, the VLAN ID applied by the first supplicant will be applied to supplicants from the second onwards. To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control command, auth-mac enable command, auth-web enable command) [Example] Change the LAN port #1 to multi supplicant mode. SWR2310(config)#interface port1.1 SWR2310(config-if)#auth host-mode multi-supplicant 5.3.11 Set re-authentication [Syntax] auth reauthentication no auth reauthentication [Initial value] no auth reauthentication [Input mode] interface mode [Description] Enables reauthentication of supplicants for the applicable interface. If this is executed with the "no" syntax, the re-authentication is disabled. When this setting is enabled, this periodically reauthenticates supplicants that have been successfully authenticated. The reauthentication interval can be changed using the auth timeout reauth-period command. [Note] This command can be specified only for both LAN/SFP port and logical interface. During IEEE 802.1X authentication, an EAPOL packet is transmitted to the supplicant at the timing for reauthentication to once again retrieve the user information, and an authentication request is sent to the RADIUS server. During MAC authentication, the supplicant's MAC address is regarded as a user name and password at the timing for reauthentication, and a request is sent to the RADIUS server for authentication.