Dell POWEREDGE M1000E User Manual

Configuring 802.1X and Port-Based Security

529

dot1x port-control

{force-authorized |

force-unauthorized |

auto | mac-based}

Specify the 802.1X mode for the port.

NOTE:

For standard 802.1X implementations in which one

client is connected to one port, use the dot1x port-control

auto command to enable 802.1X authentication on the port.

• auto — Enables 802.1X authentication on the interface

and causes the port to transition to the authorized or

unauthorized state based on the 802.1X authentication

exchange between the switch and the client.

• force-authorized — Disables 802.1X authentication on

the interface and causes the port to transition to the

authorized state without any authentication exchange

required. The port sends and receives normal traffic

without 802.1X-based authentication of the client.

• force-unauthorized — Denies all access through this

interface by forcing the port to transition to the

unauthorized state, ignoring all attempts by the client to

authenticate. The switch cannot provide authentication

services to the client through the interface.

• mac-based — Enables 802.1X authentication on the

interface and allows multiple hosts to authenticate on a

single port. The hosts are distinguished by their MAC

addresses.

dot1x mac-auth-bypass

If the 802.1X mode on the interface is mac-based, you can

optionally use this command to enable MAB on an

interface.

CTRL + Z

Exit to Privileged EXEC mode.

show dot1x

View the current 802.1X configuration.

show dot1x clients {all |

interface}

View information about 802.1X clients that have

successfully authenticated and are connected to the

switch. The

interface variable includes the interface type

and number.

show dot1x users

[username

username]

View the 802.1X authenticated users for the switch.

Command

Purpose