R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

141

142

143

144

145

146

147

148

149

150

127

undo dot1x port-control

Default

The default port authorization state is auto.

Views

System view, Ethernet interface view

Default command level

2: System level

Parameters

authorized-force: Places the specified or all ports in the authorized state, enabling users on the ports to

access the network without authentication.

auto: Places the specified or all ports initially in the unauthorized state to allow only EAPOL packets to

pass, and after a user passes authentication, sets the port in the authorized state to allow access to the

network. You can use this option in most scenarios.

unauthorized-force: Places the specified or all ports in the unauthorized state, denying any access

requests from users on the ports.

interface interface-list: Specifies an Ethernet port list, which can contain multiple Ethernet ports. The

interface-list argument is in the format of interface-list = { interface-type interface-number [ to

interface-type interface-number ] } & <1-10>, where interface-type represents the port type,

interface-number represents the port number, and & <1-10> means that you can provide up to 10 ports

or port ranges. The start port number must be smaller than the end number and the two ports must be of

the same type.

Usage guidelines

In system view, if no interface is specified, the command applies to all ports.

Examples

# Set the authorization state of port GigabitEthernet 3/0/1 to unauthorized-force.

<Sysname> system-view

[Sysname] dot1x port-control unauthorized-force interface gigabitethernet 3/0/1

<Sysname> system-view

[Sysname] interface gigabitethernet 3/0/1

[Sysname-GigabitEthernet3/0/1] dot1x port-control unauthorized-force

# Set the authorization state of ports GigabitEthernet 3/0/2 through GigabitEthernet 3/0/5 to

unauthorized-force.

<Sysname> system-view

[Sysname] dot1x port-control unauthorized-force interface gigabitethernet 3/0/2 to

gigabitethernet 3/0/5

Related commands

display dot1x

dot1x port-method

Use dot1x port-method to specify an access control method for the specified or all ports.