Dot1x mac-auth-bypass – Dell POWEREDGE M1000E User Manual

Page 167

Advertising
background image

2-137

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference

OL-13271-03

Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands

dot1x mac-auth-bypass

dot1x mac-auth-bypass

Use the dot1x mac-auth-bypass interface configuration command on the switch stack or on a
standalone switch to enable the MAC authentication bypass feature. Use the no form of this command
to disable MAC authentication bypass feature.

dot1x mac-auth-bypass [eap]

no dot1x mac-auth-bypass

Syntax Description

Defaults

MAC authentication bypass is disabled.

Command Modes

Interface configuration

Command History

Usage Guidelines

Unless otherwise stated, the MAC authentication bypass usage guidelines are the same as the
IEEE 802.1x authentication guidelines.

If you disable MAC authentication bypass from a port after the port has been authenticated with its MAC
address, the port state is not affected.

If the port is in the unauthorized state and the client MAC address is not the authentication-server
database, the port remains in the unauthorized state. However, if the client MAC address is added to the
database, the switch can use MAC authentication bypass to re-authorize the port.

If the port is in the authorized state, the port remains in this state until re-authorization occurs.

If an EAPOL packet is detected on the interface during the lifetime of the link, the switch determines
that the device connected to that interface is an IEEE 802.1x-capable supplicant and uses IEEE 802.1x
authentication (not MAC authentication bypass) to authorize the interface.

Clients that were authorized with MAC authentication bypass can be re-authenticated.

For more information about how MAC authentication bypass and IEEE 802.lx authentication interact,
see the “Understanding IEEE 802.1x Authentication with MAC Authentication Bypass” section and the
“IEEE 802.1x Authentication Configuration Guidelines” section in the “Configuring IEEE 802.1x
Port-Based Authentication” chapter of the software configuration guide.

eap

(Optional) Configure the switch to use Extensible Authentication Protocol
(EAP) for authentication.

Release

Modification

12.2(40)EX1

This command was introduced.

Advertising