1x cli commands – Avaya C360 User Manual

IEEE 802.1x (Port Based Network Access Control)

Issue 1 July 2006

125

- Enable the RADIUS feature.

- Configure the port used to access the RADIUS server as "force-authorized."

Tip:

Tip:

You can configure on the RADIUS server a PVID, static VLAN binding and port
level for each authenticated user. If the port that the user is connected to is
authorized, those parameters will be assigned to the port.

●

Connect the Supplicant - i.e., Windows XP clients - directly to the C360.

●

Verify that the dot1x port-control is in auto mode.

●

Set the dot1x system-auth-config to enable; the authentication process starts:

- The supplicant is asked to supply a user name and password.

- If authentication is enabled on the port, the Authenticator initiates authentication when

the link is up.

- Authentication Succeeds: after the authentication process completes, the supplicant will

receive a Permit/Deny notification.

- Authentication Fails: authentication will fail when the Supplicant fails to respond to

requests from the Authenticator, when management controls prevent the port from being
authorized, when the link is down, or when the user supplied incorrect logon information.

802.1x CLI Commands

The following table contains a list of the CLI commands for the 802.1x feature. The rules of
syntax and output examples are all set out in detail in the Reference Guide for the Avaya C360
Converged Stackable Switch, 10-300506.

In order to...

Use the following command...

Disable dot1x on all ports and
return to default values

clear dot1x config

Display the system dot1x
capabilities, protocol version,
and timer values

show dot1x

Display all the configurable
values associated with the
authenticator port access entity
(PAE) and backend
authenticator

show port dot1x

1 of 3