3com 5500-SI Manual De Usuario

802.1x Client Version Checking Configuration 401

When the Guest VLAN function is enabled:

■

The switch broadcasts active authentication packets to all 802.1x-enabled ports.

■

The switch adds the ports that do not return response packets to Guest VLAN
When the maximum number of authentication retries is reached.

■

Users belonging to the Guest VLAN can access the resources of the Guest VLAN
without being authenticated. But they need to be authenticated before accessing
external resources.

Prerequisites

■

The ports operate in port-based authentication mode.

■

The VLAN specified to be the Guest VLAN already exists.

Guest VLAN

Configuration

Configuring Guest VLAN in system view

Configure Guest VLAN in

Ethernet port view

The Guest VLAN function is available only when the switch operates in the port-based
authentication mode.

Only one Guest VLAN can be configured for a switch.

Supplicant systems that are not authenticated, fail to pass the authentication, or are
offline belong to Guest VLANs.

Guest VLAN

Configuration Example

Network requirements

■

Create VLAN 2.

■

Configure Ethernet1/0/1 port to operate in port-based authentication mode.

■

Configure Guest VLAN for Ethernet1/0/1 port.

Table 426 Configure Guest VLAN in system view

Operation

Command

Description

Enter system view

system-view

—

Configure Guest VLAN
for specified ports

dot1x guest-vlan vlan-id [
interface interface-list ]

Required
This operation applies to all ports
of the switch if you do not provide
the interface-list argument. And if
you specify the interface-list
argument, the operation applies to
the specified Ethernet ports.

Table 427 Configure Guest VLAN in Ethernet port view

Operation

Command

Description

Enter system view

system-view

—

Enter Ethernet port view interface interface-type

interface-num

—

Configure Guest VLAN
for the port

dot1x guest-vlan vlan-id

Required
This operation configures Guest
VLAN for the current port only.