3 configuring authentication mode – Siemens S223 User Manual

Page 66

Advertising
background image

UMN:CLI User Manual

SURPASS hiD 6615 S223/S323 R1.5

66 A50010-Y3-C150-2-7619

After default server is designated, all requests start from the RADIUS server. If there’s no
response from default server again, the authentication request is tried for RADIUS server
designated as next one.

To configure IP address of RADIUS server and key value, use the following command.

Command Mode

Description

dot1x radius-server host

{IP-

ADDRESS

| NAME} auth-port <0-

65535> key KEY

Registers RADIUS server with key value and UDP port
of radius server.
IP-ADDRESS: Ip address of radius server
NAME: host name
0-65535: UDP port number
KEY: the value of key

dot1x radius-server host

{IP-

ADDRESS

| NAME} key KEY

Configures IP address of RADIUS server and key
value.

no dot1x radius-server host

{IP-

ADDRESS

| NAME}

Global

Deletes a registered RADIUS server.

You can designate up to 5 RADIUS servers as authenticator.

The key is authentication information between the authenticator and RADIUS server. The
authenticator and RADIUS server must have a same key value, and you can use alpha-
betic characters and numbers for the key value. The space or special character is not al-
lowed.

You can configure the priority for the radius server that have configured by user.

Command Mode

Description

dot1x radius-server move

{IP-

ADDRESS

| NAME} priority PRI-

ORITY

Global

Configures the priority of radius server.
IP-ADDRESS: Ip address of radius server
NAME: host name

4.5.1.3 Configuring

Authentication

Mode

You can change the authentication mode from the port-based to the MAC-based. To
change the authentication mode, use the following command.

Command Mode

Description

dot1x auth-mode mac-base

PORTS

Sets the authentication mode to the MAC-based.

no dot1x auth-mode mac-base

PORTS

Global

Restores the authentication mode to the port-based.

Before setting the authentication mode to the MAC-based, you need to set a MAC filtering
policy to deny them for all the Ethernet ports. To configure a MAC filtering policy, see Sec-
tion 7.12.1

i

i

Advertising
This manual is related to the following products:

S323

Popular Brands
Popular manuals