3com S7906E Guide De Référence

 

1-9 

2: System level  

domain-name: ISP domain name, a case-insensitive string of 1 to 24 characters.  

Use the dot1x mandatory-domain command to specify the mandatory authentication domain for 

users accessing the port.  

Use the undo dot1x mandatory-domain command to remove the mandatory authentication domain.  

By default, no mandatory authentication domain is specified.  

Note that:  

z 

When authenticating an 802.1X user trying to access the port, the system selects an authentication 

domain in the following order: the mandatory domain, the ISP domain specified in the username, 

and the default ISP domain.  

z 

The specified mandatory authentication domain must exist. 

z 

On a port configured with a mandatory authentication domain, the user domain name displayed by 

the  display connection command is the name of the mandatory authentication domain. For 

detailed information about the display connection command, refer to AAA  Commands  in the 

Security Volume.  

Related commands: display dot1x. 

# Configure the mandatory authentication domain my-domain  for 802.1X users on GigabitEthernet 

2/0/1. 

<Sysname> system-view 

[Sysname] interface GigabitEthernet 2/0/1 

[Sysname-GigabitEthernet2/0/1] dot1x mandatory-domain my-domain 

# After 802.1X user usera passes the authentication, display the user connection information on 

GigabitEthernet 2/0/1. 

[Sysname-GigabitEthernet2/0/1] display connection interface GigabitEthernet 2/0/1 

 

Index=68  ,Username=usera@my-domian 

MAC=0015-e9a6-7cfe   ,IP=3.3.3.3 

 Total 1 connection(s) matched. 

In system view: 

dot1x max-user user-number [ interface interface-list ] 

undo dot1x max-user [ interface interface-list ] 

In Ethernet interface view: 

dot1x max-user user-number