Auth roaming enable, Auth roaming enable command, Comman – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Authentication Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

43.17

auth roaming enable

This command enables the roaming authentication feature on an authenticated interface
that is link up. A supplicant (a client device) is not reauthenticated when moved between
authenticated interfaces, providing both interfaces have the roaming authentication
feature enabled before the supplicant is moved.

Use the

auth roaming enable

command before using

auth roaming disconnected

command. The

auth roaming disconnected

command on its own will have no effect on

the operation of the switch. This command will only come into effect once the base
Roaming Authentication feature is enabled, using the

auth roaming enable

command.

The no variant of this command disables the roaming authentication feature on an
interface, and forces a supplicant to be reauthenticated when moving between interfaces.

See

“Web-Authentication” on page 42.4

for further information about this feature.

Syntax

auth roaming enable

no auth roaming enable

Default

The roaming authentication enable feature is disabled by default on an interface.
Authentication status for a roaming supplicant is deleted by default when an interface
goes down.

Mode

Interface Configuration for a static channel, a dynamic (LACP) channel group, or a switch
port.

Usage

This command allows a supplicant to move to another authenticating interface without
reauthentication, providing the link is up for the interface that the supplicant is moved
from.

Note that 802.1X port authentication, or MAC authentication, or Web Authentication must
first be enabled on an interface to use this feature. The port that the supplicant is moving
to must have the same authentication configuration as the port the supplicant is moving
from.

Configure

auth roaming enable

on an interface before configuring

auth roaming

disconnected

if you require

auth roaming disconnected

configured on an interface for a

roaming supplicant.

Roaming authentication cannot be enabled if DHCP snooping is enabled (

service dhcp-

snooping command on page 56.24

), and vice versa.

Examples

To enable the roaming authentication enable feature for interface port1.0.4, after
enabling 802.1x authentication, since an authentication method is required, use the
following commands:

awplus#

configure terminal

awplus(config)#

interface port1.0.4

awplus(config-if)#

dot1x port-control auto

awplus(config-if)#

auth roaming enable