Dell POWEREDGE M1000E User Manual

Configuring 802.1X and Port-Based Security

537

3 Enable 802.1X port-based access control on the switch.

console(config)#dot1x system-auth-control

4 Configure ports 9 and 24 to be in the Authorized state, which allows the

devices to connect to these ports to access the switch services without

authentication.

console(config)#interface range gi1/0/9-10

console(config-if)#dot1x port-control force-

authorized

console(config-if)#exit

5 Configure Port 7 to require MAC-based authentication with MAB.

console(config)#interface gi1/0/7

console(config-if-Gi1/0/7)#dot1x port-control mac-

based

console(config-if-Gi1/0/7)#dot1x mac-auth-bypass

6 Set the port to an 802.1Q VLAN. It is recommended to configure the port

as to be in general mode in order to enable MAC-based 802.1X

authentication.

console(config-if-Gi1/0/7)#switchport mode general

console(config-if-Gi1/0/7)#exit

console(config-if-Gi1/0/7)#exit

7 View the client connection status.

When the clients on Ports 1, 3, and 7(supplicants), attempt to

communicate via the switch, the switch challenges the supplicants for

login credentials. The switch encrypts the provided information and

transmits it to the RADIUS server. If the RADIUS server grants access, the

system sets the 802.1X port state of the interface to authorized and the

supplicants are able to access network resources.

console#show dot1x clients all

Interface...................................... Gi1/0/1

User Name...................................... aoversmit

Supp MAC Address............................... 0012.1753.031A

Session Time................................... 756

Filter Id......................................

VLAN Assigned.................................. 1 (Default)

Interface...................................... Gi1/0/3