Dot1x (authenticator) – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 673

Advertising
background image

660

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

7

Related Commands:

dot1x (authenticator)

interface-config-instance

Configures 802.1X authenticator settings

Dot1x (or 802.1x) is an IEEE standard for network authentication. It enables media-level (layer 2)
access control, providing the capability to permit or deny connectivity based on user or device
identity. Dot1x allows port-based access using authentication. An dot1x enabled port can be
dynamically enabled or disabled depending on user identity or device connection.

Devices supporting dot1x allow the automatic provision and connection to the wireless network
without launching a Web browser at login. When within range of a dot1x network, a device
automatically connects and authenticates without needing to manually login.

Before authentication, the endpoint is unknown, and traffic is blocked. Upon authentication, the
endpoint is known and traffic is allowed. The controller or service platform uses source MAC
filtering to ensure only the authenticated endpoint is allowed to send traffic.

Supported in the following platforms:

Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point

Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000

Syntax:

dot1x authenticator

[guest-vlan|host-mode|max-reauth-req|port-control|reauthenticate|

timeout]

dot1x authenticator [guest-vlan <1-4094>|host-mode [multi-host|single-host]|

max-reauth-req <1-10>|port-control

[auto|force-authorized|force-unauthorized]|

reauthenticate|timeout [quiet-period|reauth-period] <1-65535>]

NOTE

The dot1x (802.1x) supplicant settings are documented in the next section.

Parameters

dot1x authenticator [guest-vlan <1-4094>|host-mode [multi-host|single-host]|

max-reauth-req <1-10>|port-control

[auto|force-authorized|force-unauthorized]|

reauthenticate|timeout [quiet-period|reauth-period]]

no

Removes the interface description

dot1x authenticator

Configures 802.1x authenticator settings

guest-vlan <1-4094>

Configures the guest VLAN for this interface. This is the VLAN traffic is bridged on if this port is unauthorized
and the guest VLAN is globally enabled. Select the VLAN index from 1 - 4094.

Advertising
Popular Brands
Popular manuals