1x port authentication, Table 45 – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Page 225

Advertising
background image

Brocade 6910 Ethernet Access Switch Configuration Guide

175

53-1002581-01

802.1X Port Authentication

9

802.1X Port Authentication

The switch supports IEEE 802.1X (dot1x) port-based access control that prevents unauthorized
access to the network by requiring users to first submit credentials for authentication. Client
authentication is controlled centrally by a RADIUS server using EAP (Extensible Authentication
Protocol).

TABLE 45

802.1X Port Authentication Commands

Command

Function

Mode

General Commands

dot1x default

Resets all dot1x parameters to their default values

GC

dot1x eapol-pass- through

Passes EAPOL frames to all ports in STP forwarding state when
dot1x is globally disabled

GC

dot1x system-auth-control

Enables dot1x globally on the switch.

GC

Authenticator Commands

dot1x intrusion-action

Sets the port response to intrusion when authentication fails

IC

dot1x max-reauth-req

Sets the maximum number of times that the switch sends an
EAP-request/identity frame to the client before restarting the
authentication process

IC

dot1x max-req

Sets the maximum number of times that the switch retransmits an
EAP request/identity packet to the client before it times out the
authentication session

IC

dot1x operation-mode

Allows single or multiple hosts on an dot1x port

IC

dot1x port-control

Sets dot1x mode for a port interface

IC

dot1x re-authentication

Enables re-authentication for all ports

IC

dot1x timeout quiet-period

Sets the time that a switch port waits after the Max Request Count
has been exceeded before attempting to acquire a new client

IC

dot1x timeout re-authperiod

Sets the time period after which a connected client must be
re-authenticated

IC

dot1x timeout supp-timeout

Sets the interval for a supplicant to respond

IC

dot1x timeout tx-period

Sets the time period during an authentication session that the
switch waits before re-transmitting an EAP packet

IC

dot1x re-authenticate

Forces re-authentication on specific ports

PE

Supplicant Commands

dot1x identity profile

Configures dot1x supplicant user name and password

GC

dot1x max-start

Sets the maximum number of times that a port supplicant will send
an EAP start frame to the client

IC

dot1x pae supplicant

Enables dot1x supplicant mode on an interface

IC

dot1x timeout auth-period

Sets the time that a supplicant port waits for a response from the
authenticator

IC

dot1x timeout held-period

Sets the time a port waits after the maximum start count has been
exceeded before attempting to find another authenticator

IC

dot1x timeout start-period

Sets the time that a supplicant port waits before resending an
EAPOL start frame to the authenticator

IC

Advertising
Popular Brands
Popular manuals