Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

The Port-Authentication Process................................................................................................................................. 85

EAP over RADIUS........................................................................................................................................................86

Configuring 802.1X............................................................................................................................................................86

Important Points to Remember..................................................................................................................................... 86

Enabling 802.1X..................................................................................................................................................................87

Configuring dot1x Profile ................................................................................................................................................89

Configuring MAC addresses for a do1x Profile.......................................................................................................... 89

Configuring the Static MAB and MAB Profile ...........................................................................................................90

Configuring Critical VLAN ...............................................................................................................................................91

Configuring Request Identity Re-Transmissions........................................................................................................ 91

Configuring a Quiet Period after a Failed Authentication........................................................................................92

Forcibly Authorizing or Unauthorizing a Port............................................................................................................. 93

Re-Authenticating a Port................................................................................................................................................ 93

Configuring Dynamic VLAN Assignment with Port Authentication...................................................................... 94

Guest and Authentication-Fail VLANs......................................................................................................................... 95

Configuring a Guest VLAN........................................................................................................................................96

Configuring an Authentication-Fail VLAN............................................................................................................. 96

Configuring Timeouts................................................................................................................................................. 98

Multi-Host Authentication...............................................................................................................................................98

Multi-Supplicant Authentication................................................................................................................................... 101

MAC Authentication Bypass......................................................................................................................................... 102

MAB in Single-host and Multi-Host Mode...........................................................................................................102

MAB in Multi-Supplicant Authentication Mode.................................................................................................. 103

Configuring MAC Authentication Bypass.............................................................................................................103

Dynamic CoS with 802.1X............................................................................................................................................. 104

Chapter 6: Access Control Lists (ACLs)..................................................................................... 106

IP Access Control Lists (ACLs)....................................................................................................................................106

CAM Usage..................................................................................................................................................................107

User-Configurable CAM Allocation........................................................................................................................108

Allocating CAM for Ingress ACLs on the Port Extender.................................................................................. 108

Allocating CAM for Egress ACLs on the Port Extender...................................................................................109

Implementing ACLs on Dell EMC Networking OS.............................................................................................. 110

ACL Optimization to Increase Number of Supported IPv4 ACLs.......................................................................... 111

Optimizing ACL for More Number of IPv4 ACL Rules.......................................................................................112

IP Fragment Handling...................................................................................................................................................... 112

IP Fragments ACL Examples....................................................................................................................................113

Layer 4 ACL Rules Examples....................................................................................................................................113

Configure a Standard IP ACL........................................................................................................................................ 114

Configuring a Standard IP ACL Filter.................................................................................................................... 115

Configure an Extended IP ACL..................................................................................................................................... 115

Configuring Filters with a Sequence Number......................................................................................................116

Configuring Filters Without a Sequence Number............................................................................................... 117

Configure Layer 2 and Layer 3 ACLs........................................................................................................................... 117

Using ACL VLAN Groups................................................................................................................................................ 118

Guidelines for Configuring ACL VLAN Groups.................................................................................................... 118

Configuring an ACL VLAN Group........................................................................................................................... 119

Allocating ACL VLAN CAM.......................................................................................................................................119

Applying an IP ACL..........................................................................................................................................................120

Applying Ingress ACLs on the Port Extender......................................................................................................120

Contents