10 dot1x macfilter enable, 11 dot1x max-req, 12 dot1x user free-resource – PLANET XGS3-24040 User Manual

Page 755: X macfilter enable, X max, X user free, Resource

Advertising
background image

Commands for Security Function Chapter 2 Commands for 802.1x

42-27

Attention:

There can be different Guest VLAN set on different ports, while only one Guest VLAN is

allowed on one port.

Only when the access control mode is portbased, the Guest VLAN can take effect. If the

access control mode of the port is macbased or userbased, the Guest VLAN can be

successfully set without taking effect.

Examples:Set Guest-VLAN of port Ethernet1/3 as VLAN 10.

Switch(Config-If-Ethernet1/3)#dot1xguest-vlan 10

42.10 dot1x macfilter enable

Command: dot1x macfilter enable

no dot1x macfilter enable

Function: Enables the dot1x address filter function in the switch; the "no dot1x macfilter enable"

command disables the dot1x address filter function.

Command mode: Global Mode

Default: dot1x address filter is disabled by default.

Usage Guide: When dot1x address filter function is enabled, the switch will filter the authentication user

by the MAC address. Only the authentication request initialed by the users in the dot1x address filter

table will be accepted.

Example: Enabling dot1x address filter function for the switch.

Switch(config)#dot1x macfilter enable

42.11 dot1x max-req

Command: dot1x max-req <count>

no dot1x max-req

Function: Sets the number of EAP request/MD5 frame to be sent before the switch re-initials

authentication on no supplicant response; the “no dot1x max-req” command restores the default setting.

Parameters: <count> is the times to re-transfer EAP request/ MD5 frames, the valid range is 1 to 10.

Command mode: Global Mode.

Default: The default maximum for retransmission is 2.

Usage Guide: The default value is recommended in setting the EAP request/ MD5 retransmission times.

Example: Changing the maximum retransmission times for EAP request/ MD5 frames to 5 times.

Switch(config)#dot1x max-req 5

42.12 dot1x user free-resource

Command: dot1x user free-resource <prefix> <mask>

no dot1x user free-resource

Function: To configure 802.1x free resource; the no form command closes this function.

Parameter: <prefix> is the segment for limited resource,in dotted decimal format;

<mask> is the mask for limited resource,in dotted decimal format.

Advertising
Popular Brands
Popular manuals