Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

Page 511

Advertising

Network OS NETCONF Operations Guide

479

53-1003231-02

Interface-specific administrative tasks for 802.1x

3. Under the <gigabitethernet>, <tengigabitethernet>, <fortygigabitethernet>, or

<hundredgigabitethernet> node, include the <name> leaf element and specify the name of
the interface on which you want to configure 802.1x re-authentication. Specify the interface in
[rbridge-id/]slot/port format.

4. Under the <gigabitethernet>, <tengigabitethernet>, <fortygigabitethernet>, or

<hundredgigabitethernet> node, include the <dot1x> node element from the
urn:brocade.com:mgmt:brocade-dot1x namespace.

5. Under the <dot1x> node, include the empty <authentication> leaf element to enable 802.1x

authentication on the interface.

6. Under the <dot1x> node, include the empty <reauthentication/> leaf element to enable

802.1x re-authentication on the interface.

7. Optional: Under the <dot1x> element, include the <timeout> node element.

8. Optional: Under the <timeout> node, include the <re-authperiod>, and specify a new timeout

value.

9. Issue the <bna-config-cmd> RPC to save the running-config file to the startup-config file.

The following example sets reauthorization for the 10 gigabit Ethernet 22/0/1 interface and sets
the reauthorization timer to 4000 seconds.

<?xml version="1.0" encoding="UTF-8"?>

<edit-config>

</target>

<re-authperiod>4000</re-authperiod>

</timeout>

</dot1x>

</tengigabitethernet>

</interface>

</config>

</edit-config>

</rpc>

<rpc-reply message-id="2405" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<ok/>

</rpc-reply>

Configuring 802.1x port-control on specific interface ports

You can set 802.1x port-control on an interface to one of the following states:

•

auto—802.1x authentication is enabled. The port moves to the authorized state only after
successful authentication. “auto” is the default value.

Advertising