Dell PowerEdge VRTX User Manual

802.1X Commands

339

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Plasma-ARC

2+3\new_system_mifs_ARC2_latest\802_1X.fm

D E LL CO N F I D E N T IA L – P R E L I M I N A RY 4 / 3 / 14 - F O R PR O O F O N LY

Syntax

dot1x radius-attributes vlan [reject | static]
no dot1x radius-attributes vlan

Parameters

• reject—If the RADIUS server authorized the supplicant, but did not

provide a supplicant VLAN the supplicant is rejected. If the parameter is

omitted, this option is applied by default.

•

static—If the RADIUS server authorized the supplicant, but did not

provide a supplicant VLAN, the supplicant is accepted.

Default Configuration

reject

Command Mode

Interface (Ethernet) Configuration mode

User Guidelines

If RADIUS provides invalid VLAN information, the authentication is

rejected.
If a RADIUS server assigns a client with a non-existing VLAN, the switch

creates the VLAN. The VLAN is removed when it is no longer being used.
If RADIUS provides valid VLAN information and the port does not belong to

the VLAN received from RADIUS, it is added to the VLAN as an egress

untagged port. When the last authorized client assigned to the VLAN

becomes unauthorized or 802.1x is disabled on the port, the port is excluded

from the VLAN.
If the authentication mode is single-host or multi-host, the value of PVID is

set to the VLAN_ID.
If an authorized port, in single-host or multi-host mode, changes its status to

unauthorized, the port static configuration is reset.
If the authentication mode is multi-sessions mode, the PVID is not changed

and all untagged traffic and tagged traffic not belonging to the

unauthenticated VLANs are mapped to the VLAN using TCAM.