Switch 7700 Configuration Guide
IEEE 802.1x 179
Implement 802.1x on Ethernet Switch
The 3Com Switch 7700 not only supports the port access authentication method
regulated by 802.1x, but also extends and optimizes it in the following way:
■ Support to connect several End Stations in the downstream via a physical port.
■ The access control (or the user authentication method) can be based on port or
MAC address.
In this way, the system becomes more securer and easier to manage.
Configuring 802.1x The configuration tasks of 802.1x itself can be fulfilled in system view of the
Ethernet switch. When the global 802.1x is not enabled, the user can configure
the 802.1x state of the port. The configured items will take effect after the global
802.1x is enabled.
Note: Do not enable 802.1x and RSTP at the same time otherwise switch may not
work normally.
The 802.1x configuration tasks are described in the following sections:
■ Enabling/Disabling 802.1x
■ Setting the Port Access Control Mode
■ Setting Port Access Control Method
■ Checking the Users that Log on the Switch by Proxy
■ Setting Number of Users on a Port
■ Enabling DHCP to Launch Authentication
■ Enabling DHCP to Launch Authentication
■ Enabling EAP Relay
■ Setting the Maximum Retransmission Times
■ Configuring Timers
■ Enabling/Disabling Quiet-Period Timer
The first one task is mandatory; otherwise 802.1x will not take effect. The other
tasks are optional.
Enabling/Disabling 802.1x
The following commands can be used to enable/disable the 802.1x on the
specified port. When no port is specified in system view, the 802.1x is
enabled/disabled globally.
Perform the following configurations in system view or Ethernet port view.
User can configure 802.1x on individual port. The configuration will take effect
right after 802.1x is enabled globally.
Tabl e 1 Enable/Disable 802.1x
Operation Command
Enable the 802.1x dot1x [interface interface-list]
Disable the 802.1x undo dot1x [interface interface-list]