Quick Reference Guide
PowerConnect B-Series TI24X Configuration Guide 935
53-1002269-02
Configuring 802.1X port security
28
The host <ip-addr> | <ipv6-addr> | <server-name> parameter is either an IP address or an ASCII
text string.
The dot1x parameter indicates that this RADIUS server supports the 802.1X standard. A RADIUS
server that supports the 802.1X standard can also be used to authenticate non-802.1X
authentication requests.
NOTE
To implement 802.1X port security, at least one of the RADIUS servers identified to the device must
support the 802.1X standard.
Supported RADIUS attributes
Many IEEE 802.1X Authenticators will function as RADIUS clients. Some of the RADIUS attributes
may be received as part of IEEE 802.1X authentication. devices support the following RADIUS
attributes for IEEE 802.1X authentication:
• Username (1) – RFC 2865
• NAS-IP-Address (4) – RFC 2865
• NAS-Port (5) – RFC 2865
• Service-Type (6) – RFC 2865
• FilterId (11) – RFC 2865
• Framed-MTU (12) – RFC 2865
• State (24) – RFC 2865
• Vendor-Specific (26) – RFC 2865
• Session-Timeout (27) – RFC 2865
• Termination-Action (29) – RFC 2865
• Calling-Station-ID (31) – RFC 2865
• NAS-Port-Type (61) š RFC 2865
• Tunnel-Type (64) – RFC 2868
• Tunnel-Medium-Type (65) – RFC 2868
• EAP Message (79) – RFC 2579
• Message-Authenticator (80) RFC 3579
• Tunnel-Private-Group-Id (81) – RFC 2868
• NAS-Port-id (87) – RFC 2869
Specifying the RADIUS timeout action
A RADIUS timeout occurs when the device does not receive a response from a RADIUS server
within a specified time limit and after a certain number of retries. The time limit and number of
retries can be manually configured using the CLI commands radius-server timeout and
radius-server retransmit, respectively. If the parameters are not manually configured, the device
applies the default value of three seconds time limit with a maximum of three retries.