Reference Guide
1050 | Security
www.dell.com | support.dell.com
Command History
Usage Information
The key configured with this command must match the key configured on the TACACS+ daemon.
Port Authentication (802.1X) Commands
The 802.1X Port Authentication commands are:
• dot1x authentication (Configuration)
• dot1x authentication (Interface)
• dot1x auth-fail-vlan
• dot1x auth-server
• dot1x guest-vlan
• dot1x mac-auth-bypass
• dot1x max-eap-req
• dot1x port-control
• dot1x quiet-period
• dot1x reauthentication
• dot1x reauth-max
• dot1x server-timeout
• dot1x supplicant-timeout
• dot1x tx-period
• show dot1x interface
An authentication server must authenticate a client connected to an 802.1X switch port. Until the
authentication, only EAPOL (Extensible Authentication Protocol over LAN) traffic is allowed through
the port to which a client is connected. Once authentication is successful, normal traffic passes through
the port.
FTOS supports RADIUS and Active Directory environments using 802.1X Port Authentication.
Important Points to Remember
FTOS limits network access for certain users by using VLAN assignments. 802.1X with VLAN
assignment has these characteristics when configured on the switch and the RADIUS server.
• 802.1X is supported on C-Series, E-Series, and S-Series.
• 802.1X is not supported on the LAG or the channel members of a LAG.
• If no VLAN is supplied by the RADIUS server or if 802.1X authorization is disabled, the port is
configured in its access VLAN after successful authentication.
Version 8.3.11.1 Introduced on Z9000
Version 7.7.1.0 Authentication key length increased to 42 characters
Version 7.6.1.0 Introduced for S-Series
Version 7.5.1.0 Introduced for C-Series
pre-Version 6.2.1.1 Introduced on E-Series