CLI Reference Guide-R04

ManualsBrandsEdgecore Networks ManualsFixed Broadband AccessENHANCED TEMPERATURE L2+ GIGABIT ETHERNET ACCESS / AGGREGATION SWITCH WITH 4 X 10G UPLINKS

281

282

283

284

285

286

287

288

289

290

Table Of Contents

Chapter 8

| User Authentication Commands

802.1X Port Authentication

– 284 –

Command Mode

Privileged Exec

Command Usage

This command displays the following information:

◆ Global 802.1X Parameters – Shows whether or not 802.1X port authentication is

globally enabled on the switch (page 276).

◆ Authenticator Parameters – Shows whether or not EAPOL pass-through is

enabled (page 275).

◆ 802.1X Port Summary – Displays the port access control parameters for each

interface that has enabled 802.1X, including the following items:

■

Type – Administrative state for port access control (Enabled, Authenticator,

or Supplicant).

■

Operation Mode–Allows single or multiple hosts (page 278).

■

Control Mode – Dot1x port control mode (page 279).

■

Authorized– Authorization status (yes or n/a - not authorized).

◆ 802.1X Port Details – Displays the port access control parameters for each

interface, including the following items:

■

Reauthentication – Periodic re-authentication (page 280).

■

Reauth Period – Time after which a connected client must be re-

authenticated (page 281).

■

Quiet Period – Time a port waits after Max Request Count is exceeded

before attempting to acquire a new client (page 281).

■

TX Period – Time a port waits during authentication session before re-

transmitting EAP packet (page 282).

■

Supplicant Timeout – Supplicant timeout.

■

Server Timeout – Server timeout. A RADIUS server must be set before the

correct operational value of 10 seconds will be displayed in this field.

■

Reauth Max Retries – Maximum number of reauthentication attempts.

■

Max Request – Maximum number of times a port will retransmit an EAP

request/identity packet to the client before it times out the authentication

session (page 278).

■

Operation Mode– Shows if single or multiple hosts (clients) can connect to

an 802.1X-authorized port.

■

Port Control–Shows the dot1x mode on a port as auto, force-authorized, or

force-unauthorized (page 279).

■

Intrusion Action– Shows the port response to intrusion when

authentication fails (page 277).

■

Supplicant– MAC address of authorized client.

◆ Authenticator PAE State Machine

■

State – Current state (including initialize, disconnected,

connecting,

authenticating, authenticated, aborting,

held, force_authorized,

force_unauthorized).

■

Reauth Count– Number of times connecting state is re-entered.