Setup Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6100-ON

101

102

103

104

105

106

107

108

109

110

Example of Viewing Congured Server Timeouts

The example shows conguration information for a port for which the authenticator terminates the authentication process for an

unresponsive supplicant or server after 15 seconds.

The bold lines show the new supplicant and server timeouts.

DellEMC(conf-if-Te-1/1/1/1)#dot1x port-control force-authorized

DellEMC(conf-if-Te-1/1/1/1)#do show dot1x interface TenGigabitEthernet 1/1/1/1

802.1x information on Te 1/1/1/1:

-----------------------------

Dot1x Status: Enable

Port Control: FORCE_AUTHORIZED

Port Auth Status: UNAUTHORIZED

Re-Authentication: Disable

Untagged VLAN id: None

Guest VLAN: Disable

Guest VLAN id: NONE

Auth-Fail VLAN: Disable

Auth-Fail VLAN id: NONE

Auth-Fail Max-Attempts: NONE

Tx Period: 90 seconds

Quiet Period: 120 seconds

ReAuth Max: 10

Supplicant Timeout: 15 seconds

Server Timeout: 15 seconds

Re-Auth Interval: 7200 seconds

Max-EAP-Req: 10

Auth Type: SINGLE_HOST

Auth PAE State: Initialize

Backend State: Initialize

Enter the tasks the user should do after nishing this task (optional).

Multi-Host Authentication

By default, 802.1x assumes that a single end user is connected to a single authenticator port in a one-to-one mode of authentication called

single-host mode. If multiple end users are connected to the same port, a many-to-one conguration, only the rst end user to respond to

the identity request is authenticated. Subsequent responses are ignored, and a system log is generated to indicate reception of unexpected

802.1x frames. When a port is authorized, the authenticated supplicant MAC address is associated with the port, and trac from any other

source MACs is dropped.

Figure 9. Single-Host Authentication Mode

106

802.1X