Users Guide
Dell PowerConnect 55xx Systems User Guide 133
•
RADIUS, None
— Perform port authentication first by using the
RADIUS server. If no response is received from RADIUS (for
example, if the server is down), then no authentication is
performed, and the session is permitted.
•
RADIUS
— Authenticate the user on the RADIUS server. If no
authentication is performed, the session is not permitted.
•
None
— Do not authenticate the user. Permit the session.
–
Guest VLAN
— Enable/disable the use of a Guest VLAN for
unauthorized ports. If a Guest VLAN is enabled, all unauthorized
ports automatically join the VLAN selected in the Guest VLAN ID
field. If a port is later authorized, it is removed from the Guest VLAN.
–
VLAN List
— Select the Guest VLAN from the VLAN list.
–
Monitoring Mod
e — Enable/disable logging authentication attempts.
–
Monitoring VLAN
— Enter the ID of the VLAN to which traffic
being monitored is routed after unsuccessful Dot1x authentication.
–
Accept Supplicant when Dynamic Policy/ACL Assignment Has No
Resources
— If no resources remain in the TCAM, the system can
either reject (disable) or allow (enable) successful authentication.
Enabling Port-Based Authentication Globally Using the CLI Commands
The following table summarizes the CLI commands for enabling the port
based authentication as displayed in the Port Based Authentication Global
page.
Table 8-12. Port-Based Authentication Global CLI Commands
CLI Command Description
aaa authentication dot1x
default method1 [method2]
no aaa authentication dot1x
default
Specifies one or more AAA methods for
use on interfaces running IEEE 802.1X.
Use the no form of this command to
restore the default configuration.
dot1x system-auth-control
no dot1x system-auth-control
Enables 802.1x globally.
Use the no form of this command to
restore the default configuration.