User's Manual
Table Of Contents
- Warranty and Product Registration
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Web Configuration
- Command Line Interface
- Using the Command Line Interface
- General Commands
- System Management Commands
- country
- prompt
- system name
- system-resource
- password
- reboot-schedule
- apmgmgtui ssh enable
- apmgmtui ssh port
- apmgmtui telnet- server enable
- apmgmtui http port
- apmgmtui http server
- apmgmtui http session-timeout
- apmgmtui https port
- apmgmtui https server
- apmgmtui snmp
- apmgmtip
- show apmanagement
- show system
- show system resource
- show version
- show config
- System Logging Commands
- System Clock Commands
- DHCP Relay Commands
- SNMP Commands
- snmp-server community
- snmp-server contact
- snmp-server location
- snmp-server enable server
- snmp-server host
- snmp-server trap
- snmp-server vacm view
- snmp-server vacm group
- snmp-server user
- snmp-server target
- snmp-server filter
- show snmp users
- show snmp target
- show snmp filter
- show snmp
- show snmp vacm view
- show snmp vacm group
- Flash/File Commands
- RADIUS Client Commands
- 802.1X Authentication Commands
- MAC Address Authentication Commands
- Filtering Commands
- Spanning Tree Commands
- bridge stp service
- bridge stp br-conf forwarding-delay
- bridge stp br-conf hello-time
- bridge stp br-conf max-age
- bridge stp br-conf priority
- bridge stp port-conf interface
- bridge-link path-cost
- bridge-link port- priority
- vap (STP Interface)
- path-cost (STP Interface)
- port-priority (STP Interface)
- bridge mac-aging
- show bridge stp
- show bridge br-conf
- show bridge port-conf interface
- show bridge status
- show bridge forward address
- show bridge mac- aging
- WDS Bridge Commands
- Ethernet Interface Commands
- Wireless Interface Commands
- interface wireless
- vap
- a-mpdu
- a-msdu
- channel
- transmit-power
- min-allowed-rate
- disable-coexist
- make-rf-setting- effective
- preamble
- short-guard-interval
- beacon-interval
- dtim-period
- rts-threshold
- ssid
- closed-system
- max-client
- max-association
- client-assoc-preempt
- assoc-timeout- interval
- auth-timeout-interval
- multicast-enhance
- shutdown (VAP)
- interfere-chan- recover
- antenna-chain
- long-distance
- long-distance reference-data
- long-distance slottime
- long-distance acktimeout
- long-distance ctstimeout
- bandwidth-control downlink
- bandwidth-control downlink rate
- bandwidth-control uplink
- bandwidth-control uplink rate
- show interface wireless
- show station
- show station statistics
- Wireless Security Commands
- Rogue AP Detection Commands
- Link Integrity Commands
- Link Layer Discovery Commands
- VLAN Commands
- WMM Commands
- QoS Commands
- Appendices
- Index of CLI Commands
- Index
– 173 –
18 802.1X Authentication
Commands
The access point supports IEEE 802.1X access control for wireless clients. This
control feature prevents unauthorized access to the network by requiring an
802.1X client application to submit user credentials for authentication. Client
authentication is then verified by a RADIUS server using EAP (Extensible
Authentication Protocol) before the access point grants client access to the
network. The 802.1X EAP packets are also used to pass dynamic unicast session
keys and static broadcast keys to wireless clients.
802.1x enable This command configures 802.1X as enabled for wireless clients. Use the no form to
disable 802.1X support.
Syntax
802.1x enable
no 802.1x
Default Setting
Disabled
Command Mode
Inface Configuration (Wireless-VAP)
Command Usage
◆ When 802.1X is disabled, the access point does not support 802.1X
authentication for any station. After successful 802.11 association, each client is
allowed to access the network.
◆ 802.1X does not apply to the 1000BASE-T port.
◆ To display the current 802.1X status, use the show interface wireless
command.
Table 14: 802.1x Authentication
Command Function Mode Page
802.1x enable Configures 802.1X as enabled or disabled IC-W-VAP
173
802.1x reauthentication-
time
Sets the timeout after which a connected client must
be re-authenticated
IC-W-VAP
174