Dot1x operation-mode – LevelOne GTL-2690 User Manual

802.1X Port Authentication

25-29

25

dot1x operation-mode

This command allows single or multiple hosts (clients) to connect to an
802.1X-authorized port. Use the no form with no keywords to restore the default to
single host. Use the no form with the multi-host max-count keywords to restore the
default maximum count.

Syntax

dot1x operation-mode {single-host | multi-host [max-count count] |

mac-based-auth}

no dot1x operation-mode [multi-host max-count]

• single-host – Allows only a single host to connect to this port.
• multi-host – Allows multiple hosts to connect to this port, with only one host

needing to be authenticated.

• max-count – Keyword for the maximum number of hosts.

count – The maximum number of hosts that can connect to a port.
(Range: 1-1024; Default: 5)

• mac-based-auth – Allows multiple hosts to connect to this port, with each

host needing to be authenticated.

Default

Single-host

Command Mode

Interface Configuration

Command Usage

• The “max-count” parameter specified by this command is only effective if the

dot1x mode is set to “auto” by the dot1x port-control command (page 4-105).

• In “multi-host” mode, only one host connected to a port needs to pass

authentication for all other hosts to be granted network access. Similarly, a
port can become unauthorized for all hosts if one attached host fails
re-authentication or sends an EAPOL logoff message.

• In “mac-based-auth” mode, each host connected to a port needs to pass

authentication. The number of hosts allowed access to a port operating in this
mode is limited only by the available space in the secure address table (i.e.,
up to 1024 addresses).

Example

Console(config)#interface eth 1/2
Console(config-if)#dot1x operation-mode multi-host max-count 10
Console(config-if)#