Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

The Port-Authentication Process..................................................................................................................................... 82

EAP over RADIUS..........................................................................................................................................................82

Configuring 802.1X..............................................................................................................................................................83

Important Points to Remember.........................................................................................................................................83

Enabling 802.1X....................................................................................................................................................................84

Configuring dot1x Profile ................................................................................................................................................... 86

Configuring MAC addresses for a do1x Profile................................................................................................................86

Configuring the Static MAB and MAB Profile ................................................................................................................ 87

Configuring Critical VLAN ..................................................................................................................................................87

Configuring Request Identity Re-Transmissions............................................................................................................. 88

Configuring a Quiet Period after a Failed Authentication...............................................................................................89

Forcibly Authorizing or Unauthorizing a Port...................................................................................................................89

Re-Authenticating a Port................................................................................................................................................... 90

Configuring Dynamic VLAN Assignment with Port Authentication...............................................................................91

Guest and Authentication-Fail VLANs..............................................................................................................................92

Configuring a Guest VLAN........................................................................................................................................... 92

Configuring an Authentication-Fail VLAN.................................................................................................................. 93

Configuring Timeouts....................................................................................................................................................94

Multi-Host Authentication..................................................................................................................................................95

Multi-Supplicant Authentication........................................................................................................................................ 97

MAC Authentication Bypass..............................................................................................................................................99

MAB in Single-host and Multi-Host Mode................................................................................................................. 99

MAB in Multi-Supplicant Authentication Mode.........................................................................................................99

Configuring MAC Authentication Bypass...................................................................................................................99

Dynamic CoS with 802.1X................................................................................................................................................ 100

6 Access Control Lists (ACLs)...................................................................................................... 102

IP Access Control Lists (ACLs)........................................................................................................................................102

CAM Usage...................................................................................................................................................................103

User-Configurable CAM Allocation............................................................................................................................104

Allocating CAM for Ingress ACLs on the Port Extender.........................................................................................104

Allocating CAM for Egress ACLs on the Port Extender......................................................................................... 105

Implementing ACLs on Dell EMC Networking OS................................................................................................... 106

ACL Optimization to Increase Number of Supported IPv4 ACLs................................................................................107

Optimizing ACL for More Number of IPv4 ACL Rules............................................................................................ 108

IP Fragment Handling........................................................................................................................................................108

IP Fragments ACL Examples...................................................................................................................................... 108

Layer 4 ACL Rules Examples...................................................................................................................................... 109

Configure a Standard IP ACL............................................................................................................................................110

Configuring a Standard IP ACL Filter......................................................................................................................... 110

Configure an Extended IP ACL..........................................................................................................................................111

Configuring Filters with a Sequence Number............................................................................................................ 111

Configuring Filters Without a Sequence Number.....................................................................................................112

Configure Layer 2 and Layer 3 ACLs............................................................................................................................... 113

Using ACL VLAN Groups...................................................................................................................................................113

Guidelines for Configuring ACL VLAN Groups..........................................................................................................114

Configuring an ACL VLAN Group............................................................................................................................... 114

Allocating ACL VLAN CAM..........................................................................................................................................115

Applying an IP ACL............................................................................................................................................................. 115

Applying Ingress ACLs on the Port Extender............................................................................................................116

Contents