Alcatel-Lucent 6850-48 参考指南
802.1X Commands
OmniSwitch CLI Reference Guide
September 2009
page 59-9
802.1x supplicant policy authentication
Configures a supplicant device classification policy for an 802.1x port. This type of policy uses 802.1x
authentication via a remote RADIUS server. A supplicant is any device that uses the 802.1x protocol for
authentication.
authentication via a remote RADIUS server. A supplicant is any device that uses the 802.1x protocol for
authentication.
802.1x slot/port supplicant policy authentication [[pass] {group-mobility | user-network-profile
profile_name | vlan vid | default-vlan | block | captive-portal}...] [[fail] {user-network-profile
profile_name | vlan vid | block | captive-portal}...]
profile_name | vlan vid | default-vlan | block | captive-portal}...] [[fail] {user-network-profile
profile_name | vlan vid | block | captive-portal}...]
Syntax Definitions
slot/port
The slot and port number of the 802.1x port.
pass
Indicates which policies to apply if 802.1x authentication is successful
but does not return a VLAN ID.
but does not return a VLAN ID.
fail
Indicates which policies to apply if 802.1x authentication fails or if
successful authentication returns a VLAN ID that does not exist.
successful authentication returns a VLAN ID that does not exist.
group-mobility
Use Group Mobility rules for device classification.
profile_name
The name of an existing User Network Profile (UNP) to use for device
classification.
classification.
vid
Use this VLAN ID number for device classification.
default-vlan
Assigns supplicant to the default VLAN for the 802.1x port.
block
Blocks supplicant access on the 802.1x port.
captive-portal
Use Captive Portal for web-based device classification.
Defaults
When 802.1x is enabled on the port, a default supplicant policy is defined for the port. This policy uses the
group-mobility and default-vlan parameters for the pass case and the block parameter for the fail case.
group-mobility and default-vlan parameters for the pass case and the block parameter for the fail case.
When the 802.1x supplicant policy authentication command is used without specifying any parameters,
the following values for the pass and fail case are configured by default:
the following values for the pass and fail case are configured by default:
Platforms Supported
OmniSwitch 6400, 6850, 6855, 9000, 9000E
Usage Guidelines
• Supplicant device classification policies are applied only when successful 802.1x authentication does
not return a VLAN ID, returns a VLAN ID that does not exist, or authentication fails.
parameter
default
pass block
fail
block