3com 5500-ei pwr Installation Instruction
1-14
Configuring Basic 802.1x Functions
Follow these steps to configure basic 802.1x functions:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable 802.1x globally
dot1x
Required
By default, 802.1x is disabled
globally.
globally.
In system
view
view
dot1x interface interface-list
interface interface-type
interface-number
interface-number
dot1x
Enable
802.1x for
specified
ports
802.1x for
specified
ports
In port view
quit
Required
By default, 802.1x is disabled on all
ports.
ports.
In system
view
view
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
{ authorized-force |
unauthorized-force | auto }
[ interface interface-list ]
interface interface-type
interface-number
interface-number
dot1x port-control
{ authorized-force |
unauthorized-force | auto }
{ authorized-force |
unauthorized-force | auto }
Set port
authorization
mode for
specified
ports
authorization
mode for
specified
ports
In port view
quit
Optional
By default, an 802.1x-enabled port
operates in the auto mode.
operates in the auto mode.
In system
view
view
dot1x port-method
{ macbased | portbased }
[ interface interface-list ]
{ macbased | portbased }
[ interface interface-list ]
interface interface-type
interface-number
interface-number
dot1x port-method
{ macbased | portbased }
{ macbased | portbased }
Set access
control
method for
specified
ports
control
method for
specified
ports
In port view
quit
Optional
The default access control method
on a port is MAC-based (that is, the
macbased keyword is used by
default).
on a port is MAC-based (that is, the
macbased keyword is used by
default).
Set authentication method
for 802.1x users
for 802.1x users
dot1x
authentication-method
{ chap | pap | eap }
authentication-method
{ chap | pap | eap }
Optional
By default, a switch performs CHAP
authentication in EAP terminating
mode.
authentication in EAP terminating
mode.
Enable online user
handshaking
handshaking
dot1x handshake enable
Optional
By default, online user handshaking
is enabled.
is enabled.
Enter Ethernet port view
interface interface-type
interface-number
interface-number
—
Enable the handshake
packet protection function
packet protection function
dot1x handshake secure
Optional
By default, the handshake packet
protection function is disabled.
protection function is disabled.