Инструкции По Установке для 3com S7906E

 

1-15 

Follow these steps to enable 802.1X for a port: 

Enter system view 

— 

In system 
view 

dot1x interface interface-list 

interface interface-type 
interface-number  

Enable 
802.1X for 
one or more 
ports  

In Ethernet 
interface view 

Required 

Use either approach. 

Disabled by default 

 

Follow these steps to configure 802.1X parameters for a port: 

Enter system view 

— 

Enter Ethernet interface view 

interface interface-type 
interface-number 

— 

Specify the port authorization 
mode for the port 

dot1x port-control 
{ authorized-force | auto | 
unauthorized-force } 

Optional 

auto by default 

Specify the port access control 
method for the port 

dot1x port-method 
{ macbased | portbased } 

Optional 

macbased by default 

Set the maximum number of 
users for the port 

dot1x max-user user-number 

Optional 

1024 by default 

 

Note that: 

z 

Enabling 802.1X on a port is mutually exclusive with adding the port to an aggregation group and 

adding the port to a service loopback group.  

z 

For a user-side device sending untagged traffic, the voice VLAN function and 802.1X are mutually 

exclusive and cannot be configured together on the same port. For details about voice VLAN, refer 

to VLAN Configuration in the Access Volume. 

z 

In EAP relay authentication mode, the device encapsulates the 802.1X user information in the EAP 

attributes of RADIUS packets and sends the packets to the RADIUS server for authentication. In 

this case, you can configure the user-name-format command but it does not take effect. For 

information about the user-name-format command, refer to AAA Commands in the Security 

Volume. 

z 

If the username of a client contains the version number or one or more blank spaces, you can 

neither retrieve information nor disconnect the client by using the username. However, you can use 

items such as IP address and connection index number to do so.