Configuring port authorization mode – Alcatel Carrier Internetworking Solutions OmniStack 6300-24 User Manual

Configuring the Switch

3-58

3

CLI – This enables re-authentication and sets all of the global parameters for 802.1x.

Configuring Port Authorization Mode

When dot1x is enabled, you need to specify the dot1x authentication mode
configured for each port.

Command Attributes
• Status – Indicates if authentication is enabled or disabled on the port.
• Operation Mode – Allows single or multiple hosts (clients) to connect to an

802.1X-authorized port. (Range: Single-Host, Multi-Host; Default: Single-Host)

• Max Count – The maximum number of hosts that can connect to a port when the

Multi-Host operation mode is selected. (Range: 1-20; Default: 5)

• Mode – Sets the authentication mode to one of the following options:

- Auto – Requires a dot1x-aware client to be authorized by the authentication

server. Clients that are not dot1x-aware will be denied access.

- Force-Authorized – Forces the port to grant access to all clients, either

dot1x-aware or otherwise.

- Force-Unauthorized – Forces the port to deny access to all clients, either

dot1x-aware or otherwise.

• Authorized –

- Yes – Connected client is authorized.
- No – Connected client is not authorized.
- Blank – Displays nothing when dot1x is disabled on a port.

• Supplicant – Indicates the MAC address of a connected client.
• Trunk – Indicates if the port is configured as a trunk port.

Console(config)#dot1x re-authentication

4-80

Console(config)#dot1x max-req 5

4-78

Console(config)#dot1x timeout quiet-period 40

4-80

Console(config)#dot1x timeout re-auth 5

4-80

Console(config)#dot1x timeout tx-period 40

4-81

Console(config)#authentication dot1x default radius

4-77

Console(config)#