3com 4210 PWR 9-Port 3CR17341-91-ME 用户手册
产品代码
3CR17341-91-ME
Advanced 802.1x Configuration
227
n
As for the dot1x version-user command, if you execute it in system view without
specifying the interface-list argument, the command applies to all ports. You can
also execute this command in port view. In this case, this command applies to the
current port only and the interface-list argument is not needed.
specifying the interface-list argument, the command applies to all ports. You can
also execute this command in port view. In this case, this command applies to the
current port only and the interface-list argument is not needed.
Enabling
DHCP-triggered
Authentication
After performing the following configuration, 802.1X allows running DHCP on
access users, and users are authenticated when they apply for dynamic IP
addresses through DHCP.
access users, and users are authenticated when they apply for dynamic IP
addresses through DHCP.
Configuring Guest VLAN
Enable
802.1x
client
version
checking
802.1x
client
version
checking
In system
view
view
dot1x version-check [
interface interface-list ]
interface interface-list ]
Required
By default, 802.1x client version
checking is disabled on a port.
checking is disabled on a port.
In port
view
view
interface interface-type
interface-number
interface-number
dot1x version-check
quit
Set the maximum
number of retires to
send version checking
request packets
number of retires to
send version checking
request packets
dot1x retry-version-max
max-retry-version-value
max-retry-version-value
Optional
By default, the maximum number
of retires to send version checking
request packets is 3.
of retires to send version checking
request packets is 3.
Set the client version
checking period timer
checking period timer
dot1x timer ver-period
ver-period-value
ver-period-value
Optional
By default, the timer is set to 30
seconds.
seconds.
Table 165 Configure client version checking
Operation
Command Remarks
Table 166 Enable DHCP-triggered authentication
Operation
Command
Remarks
Enter system view
system-view
-
Enable
DHCP-triggered
authentication
DHCP-triggered
authentication
dot1x dhcp-launch
Required
By default, DHCP-triggered
authentication is disabled.
authentication is disabled.
Table 167 Configure Guest VLAN
Operation
Command
Remarks
Enter system view
system-view
-
Configure port access method dot1x port-method
portbased
Required
The default port access method is
MAC-address-based. That is, the
macbased keyword is used by
default.
MAC-address-based. That is, the
macbased keyword is used by
default.
Enable the
Guest VLAN
function
Guest VLAN
function
In system view dot1x guest-vlan
vlan-id [ interface
interface-list ]
interface-list ]
Required
By default, the Guest VLAN
function is disabled.
function is disabled.
In port view
interface interface-type
interface-number
interface-number
dot1x guest-vlan
vlan-id
vlan-id
quit