User's Manual
Table Of Contents
- Reference for the Business Policy Switch 2000 Command Line Interface
- Contents
- Figures
- Tables
- Preface
- Chapter 1: CLI Basics
- Stacking compatibility
- Software version 2.0 compatibility with BayStack 450 switches
- New features
- CLI command modes
- Port numbering
- IP notation
- Accessing the CLI
- Setting the CLI password
- Getting help
- Basic navigation
- Managing basic system information
- Managing MAC address forwarding database table
- Displaying and setting stack operational mode
- Chapter 2: General CLI commands
- Setting the terminal
- Pinging
- Automatically loading configuration file
- Assigning and clearing IP addresses
- Assigning and clearing IP addresses for specific units
- Setting Telnet access
- Setting server for Web-based management
- Setting boot parameters
- Setting TFTP parameters
- Upgrading software
- Displaying interfaces
- Setting SNMP parameters
- Setting the system event log
- Displaying port statistics
- Enabling or disabling a port
- Naming ports
- Setting port speed
- Enabling Autopology
- Enabling flow control
- Enabling rate-limiting
- Chapter 3: Security
- Using the IP manager list
- Using MAC address security
- show mac-security command
- show mac-security mac-da-filter command
- mac-security command
- mac-security mac-address-table address command
- mac-security security-list command
- no mac-security command
- no mac-security mac-address-table command
- no mac-security security-list command
- mac-security command for specific ports
- mac-security mac-da-filter command
- Using EAPOL-based security
- Using RADIUS authentication
- Chapter 4: Spanning Tree, MLT, and Port-Mirroring
- Using spanning tree
- show spanning-tree command
- spanning-tree stp create command by STG
- spanning-tree stp delete command by STG
- spanning-tree stp enable command by STG
- spanning-tree stp disable command by STG
- spanning-tree command by STG
- default spanning-tree command by STG
- spanning-tree add-vlan command
- spanning-tree remove-vlan command
- spanning-tree command by port
- default spanning-tree command by port
- no spanning-tree command by port
- Using MLT
- Using port-mirroring
- Using spanning tree
- Chapter 5: VLANs and IGMP
- Increased VLAN support
- Configuring and displaying VLANs
- show vlan interface info command
- show vlan interface vids command
- vlan mgmt command
- default vlan mgmt command
- vlan create command
- vlan delete command
- no vlan command
- vlan name command
- auto-pvid command
- no auto-pvid command
- vlan ports command
- vlan members command
- show vlan mac-address command
- vlan mac-address command
- no vlan mac-address command
- Displaying multicast membership
- Using IGMP snooping
- Chapter 6: Policy-enabled networks and QoS
- Displaying QoS parameters
- Resetting
- Configuring COPS
- Configuring QoS interface groups
- Configuring DSCP and 802.1p and queue associations
- Configuring QoS filters and filter groups
- Configuring QoS actions
- Configuring QoS meters
- Configuring QoS shapers
- Gathering QoS statistics
- Configuring QoS policies
- Reordering packets
- Appendix A: Command List
- Index
130 Chapter 3 Security
212160-B
Table 70 describes the parameters and variables for the eapol command for
modifying parameters
Table 70 eapol command for modifying parameters and variables
Parameters and variables Description
port <portllist> Specifies the ports to configure for EAPOL; enter the port numbers you
want.
Note: If you omit this parameter, the system uses the port number
specified when you issued the
interface command.
init Re-initiates EAP authentication.
status
authorized|unauthorized|auto
Specifies the EAP status of the port:
• authorized—port is always authorized
• unauthorized—port is always unauthorized
• auto—port authorization status depends on the result of the EAP
authentication
traffic-control in-outIin Sets the level of traffic control:
• in-out—if EAP authentication fails, both ingressing and egressing
traffic are blocked
• in—if EAP authentication fails, only ingressing traffic is blocked
re-authentication
enable|disable
Enables or disables re-authentication.
re-authentication-interval
<num>
Enter the number of seconds you want between re-authentication
attempts; range is 1 to 604800.
Use either this variable or the re-authentication-period variable; do not
use both variables because the two variables control the same setting.
re-authentication-period
<1-604800>
Enter the number of seconds you want between re-authentication
attempts.
Use either this variable or the re-authentication-interval variable; do not
use both variables because the two variables control the same setting.
re-authenticate Specifies an immediate re-authentication.
quiet-interval <num> Enter the number of seconds you want between an authentication failure
and the start of a new authentication attempt; range is 1 to 65535.
transmit-interval <num> Specifies a waiting period for response from supplicant for EAP
Request/Identity packets. Enter the number of seconds you want to wait;
range is 1-65535.
supplicant-timeout <num> Specifies a waiting period for response from supplicant for all EAP
packets except EAP Request/Identity packets. Enter the number of
seconds you want to wait; range is 1-65535.