17 dot1x privateclient enable, 18 dot1x re-authenticate, 19 dot1x re-authentication – PLANET XGS3-24040 User Manual

Page 758: X privateclient enable, X re, Authenticate, Authentication

Advertising
background image

Commands for Security Function Chapter 2 Commands for 802.1x

42-30

access to the limited resources when the host is not authenticated yet. While the user based advanced

access control can control the access to the limited resources before authentication is done.

Webbased access management is used mostly in layer switch. The global configuration of WEB

authentication agent and HTTP redirection address is needed before setting the port to Webbased

access management. Webbased access management is conflicted with the command of ip dhcp

snooping binding user-control.

Notes: The 802.1x free resource must be configured first for standard control method based on user.

Example: To configure the standard control method based on port for Etherent1/4.

Switch(Config-If-Ethernet1/4)#dot1x port-method portbased

42.17 dot1x privateclient enable

Command: dot1x privateclient enable

no dot1x privateclient enable

Function: To configure the switch to force the authentication client to use private 802.1x authentication

protocol. The no prefix will disable the command and allow the authentication client to use the standard

802.1x authentication protocol.

Command: Global Mode.

Default: Private 802.1x authentication packet format is disabled by default.

Usage Guide: To implement integrated solution, the switch must be enabled to use private 802.1x

protocol, or many applications will not be able to function. If the switch forces the authentication client to

use private 802.1x protocol, the standard client will not be able to work.

Example: To force the authentication client to use private 802.1x authentication protocol.

Switch(config)#dot1x privateclient enable

42.18 dot1x re-authenticate

Command: dot1x re-authenticate [interface <interface-name>]

Function: Enables real-time 802.1x re-authentication (no wait timeout requires) for all ports or a

specified port.

Parameters: <interface-name> stands for port number, omitting the parameter for all ports.

Command mode: Global Mode.

Usage Guide: This command is an Global Mode command. It makes the switch to re-authenticate the

client at once without waiting for re-authentication timer timeout. This command is no longer valid after

authentication.

Example: Enabling real-time re-authentication on port1/8.

Switch(config)#dot1x re-authenticate interface ethernet 1/8

42.19 dot1x re-authentication

Command: dot1x re-authentication

no dot1x re-authentication

Advertising
Popular Brands
Popular manuals