R2511-HP MSR Router Series Security Command Reference(V5)
131
Usage guidelines
The online user handshake security function is implemented based on the online user handshake function.
To bring the security function into effect, make sure the online user handshake function is enabled.
HP recommends that you use the iNode client software and IMC server to ensure the normal operation
of the online user handshake security function.
Examples
# Enable the online user handshake security function.
<Sysname> system-view
[Sysname] interface ethernet 1/4
[Sysname-Ethernet1/4] dot1x handshake secure
Related commands
dot1x handshake
dot1x mandatory-domain
Use dot1x mandatory-domain to specify a mandatory 802.1X authentication domain on a port.
Use undo dot1x mandatory-domain to remove the mandatory authentication domain.
Syntax
dot1x mandatory-domain domain-name
undo dot1x mandatory-domain
Default
No mandatory authentication domain is specified.
Views
Ethernet interface view
Default command level
2: System level
Parameters
domain-name: Specifies the ISP domain name, a case-insensitive string of 1 to 24 characters.
Usage guidelines
When authenticating an 802.1X user trying to access the port, the system selects an authentication
domain in the following order: the mandatory domain, the ISP domain specified in the username, and
the default ISP domain.
To display or cut all 802.1X connections in a mandatory domain, use the display connection domain
isp-name or cut connection domain isp-name command. The output from the display connection
command without any parameters displays domain names entered by users at login. For more
information about the display connection command or the cut connection command, see "AAA
configuration commands."
Examples
# Configure the mandatory authentication domain my-domain for 802.1X users on Ethernet 1/1.
<Sysname> system-view
[Sysname] interface ethernet 1/1