Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T

1281

Defaults Not configured.

Command Modes CONFIGURATION

Command

History

This guide is platform-specific. For command information about other platforms, see the relevant Dell

Networking OS Command Line Reference Guide.

Version Description

9.8(1.0) Introduced on the Z9100-ON.

9.8(0.0P5) Introduced on the S4048-ON.

9.8(0.0P2) Introduced on the S3048-ON.

9.7(0.0) Introduced on the S6000–ON.

9.2(1.0) Introduced on the Z9500.

9.0.2.0 Introduced on the S6000.

8.3.19.0 Introduced on the S4820T.

8.3.11.1 Introduced on the Z9000.

8.3.7.0 Introduced on the S4810.

7.7.1.0 Authentication key length increased to 42 characters.

7.6.1.0 Introduced on the S-Series.

7.5.1.0 Introduced on the C-Series.

pre-6.2.1.1 Introduced on the E-Series.

Usage

Information

The key configured with this command must match the key configured on the TACACS+ daemon.

Port Authentication (802.1X) Commands

An authentication server must authenticate a client connected to an 802.1X switch port. Until the authentication, only

Extensible Authentication Protocol over LAN (EAPOL) traffic is allowed through the port to which a client is connected. After

authentication is successful, normal traffic passes through the port.

Dell Networking OS supports RADIUS and Active Directory environments using 802.1X Port Authentication.

Important Points to Remember

Dell Networking OS limits network access for certain users by using VLAN assignments. 802.1X with VLAN assignment has

these characteristics when configured on the switch and the RADIUS server.

●

802.1X is supported on Dell Networking OS.

● 802.1X is not supported on the LAG or the channel members of a LAG.

● If no VLAN is supplied by the RADIUS server or if 802.1X authorization is disabled, the port is configured in its access VLAN

after successful authentication.

● If 802.1X authorization is enabled but the VLAN information from the RADIUS server is not valid, the port returns to the

Unauthorized state and remains in the configured access VLAN. This prevents ports from appearing unexpectedly in an

inappropriate VLAN due to a configuration error. Configuration errors create an entry in Syslog.

● If 802.1X authorization is enabled and all information from the RADIUS server is valid, the port is placed in the specified

VLAN after authentication.

● If port security is enabled on an 802.1X port with VLAN assignment, the port is placed in the RADIUS server assigned VLAN.

● If 802.1X is disabled on the port, it is returned to the configured access VLAN.

● When the port is in the Force Authorized, Force Unauthorized, or Shutdown state, it is placed in the configured access

VLAN.

● If an 802.1X port is authenticated and put in the RADIUS server assigned VLAN, any change to the port access VLAN

configuration does not take effect.

1288

Security