R3303-HP HSR6800 Routers Security Configuration Guide
89
• auto—Places the port initially in the unauthorized state to allow only EAPOL packets to pass, and
after a user passes authentication, sets the port in the authorized state to allow access to the network.
You can use this option in most scenarios.
You can set authorization state for one port in interface view, or for multiple ports in system view. If
different authorization state is set for a port in system view and interface view, the one set later takes
effect.
To set the authorization state of a port:
Ste
p
Command
Remarks
1. Enter system
view.
system-view N/A
2. Set the port
authorization
state in system
view or Ethernet
interface view.
• In system view:
dot1x port-control { authorized-force | auto |
unauthorized-force } [ interface interface-list ]
• In Ethernet interface view:
a. interface interface-type interface-number
b. dot1x port-control { authorized-force | auto |
unauthorized-force }
By default, auto applies.
Specifying an access control method
You can specify an access control method for one port in interface view, or for multiple ports in system
view. If different access control methods are specified for a port in system view and interface view, the
one specified later takes effect.
To specify the access control method:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Specify an access
control method in
system view or
Ethernet interface
view.
• In system view:
dot1x port-method { macbased |
portbased } [ interface interface-list ]
• In Ethernet interface view:
a. interface interface-type
interface-number
b. dot1x port-method { macbased |
portbased }
By default, MAC-based access
control applies.
Setting the maximum number of concurrent 802.1X
users on a port
You can set the maximum number of concurrent 802.1X users for ports individually in interface view or in
bulk in system view. If different settings are configured for a port in both views, the setting configured later
takes effect.
To set the maximum number of concurrent 802.1X users on a port: