Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

Page 512

Advertising
background image

480

Network OS NETCONF Operations Guide

53-1003231-02

Interface-specific administrative tasks for 802.1x

30

force-authorized—802.1x authentication is disabled and the port moves to the authorized
state.

force-unauthorized—802.1x authentication is disabled and the port moves to the unauthorized
state.

NOTE

If you globally disable 802.1x, all interface ports with 802.1x authentication enabled automatically
switch to force-authorized port-control mode.

To configure 802.1x port-control on a specific interface port, perform the following steps. Repeat
this task for each interface port you wish to modify.

1. Issue the <edit-config> RPC to configure the <interface> node in the

urn:brocade.com:mgmt:brocade-interface namespace.

2. Under the <interface> node, specify the <gigabitethernet>, <tengigabitethernet>,

<fortygigabitethernet>, or <hundredgigabitethernet> node element.

NOTE

You cannot configure 802.1x authentication on a port-channel.

3. Under the <gigabitethernet>, <tengigabitethernet>, <fortygigabitethernet>, or

<hundredgigabitethernet> node, include the <name> leaf element and specify the name of
the interface on which you want to configure 802.1x authentication port-control. Specify the
interface in [rbridge-id/]slot/port format.

4. Under the <gigabitethernet>, <tengigabitethernet>, <fortygigabitethernet>, or

<hundredgigabitethernet> node, include the <dot1x> node element from the
urn:brocade.com:mgmt:brocade-dot1x namespace.

5. Under the <dot1x> node, include the empty <authentication> leaf element to enable 802.1x

authentication on the interface.

6. Under the <dot1x> node, include the <port-control> leaf element and set its value to “auto”,

“force-authorized”, or “force-unauthorized”.

The following example sets port-control on 10 gigabit Ethernet interface 22/0/1 to
“force-authorized”.

<?xml version="1.0" encoding="UTF-8"?>

<rpc message-id="2406" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<edit-config>

<target>

<running/>

</target>

<config>

<interface xmlns="urn:brocade.com:mgmt:brocade-interface">

<tengigabitethernet>

<name>22/0/1</name>

<dot1x xmlns="urn:brocade.com:mgmt:brocade-dot1x">

<authentication/>

<port-control>force-authorized</port-control>

</dot1x>

</tengigabitethernet>

</interface>

</config>

</edit-config>

</rpc>

Advertising
See also other documents in the category Brocade Computer Accessories: