Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

100

Forcibly Authorizing or Unauthorizing a Port

The 802.1X ports can be placed into any of the three states:

• ForceAuthorized — an authorized state. A device connected to this port in this state is never subjected to the authentication process,

but is allowed to communicate on the network. Placing the port in this state is same as disabling 802.1X on the port.

• ForceUnauthorized — an unauthorized state. A device connected to a port in this state is never subjected to the authentication

process and is not allowed to communicate on the network. Placing the port in this state is the same as shutting down the port. Any

attempt by the supplicant to initiate authentication is ignored.

• Auto — an unauthorized state by default. A device connected to this port in this state is subjected to the authentication process. If the

process is successful, the port is authorized and the connected device can communicate on the network. All ports are placed in the

Auto state by default.

To set the port state, use the following command.

• Place a port in the ForceAuthorized, ForceUnauthorized, or Auto state.

INTERFACE mode

dot1x port-control {force-authorized | force-unauthorized | auto}

The default state is auto.

Example of Placing a Port in Force-Authorized State and Viewing the Conguration

The example shows conguration information for a port that has been force-authorized.

The bold line shows the new port-control state.

Dell(conf-if-Gi-1/1)#dot1x port-control force-authorized

Dell(conf-if-Gi-1/1)#show dot1x interface GigabitEthernet 1/1

802.1x information on Gi 1/1:

-----------------------------

Dot1x Status: Enable

Port Control: FORCE_AUTHORIZED

Port Auth Status: UNAUTHORIZED

Re-Authentication: Disable

Untagged VLAN id: None

Tx Period: 90 seconds

Quiet Period: 120 seconds

ReAuth Max: 2

Supplicant Timeout: 30 seconds

Server Timeout: 30 seconds

Re-Auth Interval: 3600 seconds

Max-EAP-Req: 10

Auth Type: SINGLE_HOST

Auth PAE State: Initialize

Backend State: Initialize

Auth PAE State: Initialize

Backend State: Initialize

Re-Authenticating a Port

You can congure the authenticator for periodic re-authentication.

After the supplicant has been authenticated, and the port has been authorized, you can congure the authenticator to re-authenticate the

supplicant periodically. If you enable re-authentication, the supplicant is required to re-authenticate every 3600 seconds by default, and you

can congure this interval. You can congure the maximum number of re-authentications as well.

To congure re-authentication time settings, use the following commands:

• Congure the authenticator to periodically re-authenticate the supplicant.

INTERFACE mode

802.1X