mac
391
25.14 dot1x max-user userbased
Command: dot1x max-user userbased <number>
no dot1x max-user userbased
Function: Set the upper limit of the number of users allowed access the specified port
when using user-based access control mode; the no command is used to reset the default
value.
Parameters: <number> the maximum number of users allowed to access the network,
ranging from 1 to 1~256.
Command Mode: Port Mode.
Default Settings: The maximum number of users allowed to access each port is 10 by
default.
User Guide: This command can only take effect when the port adopts user-based access
control mode. If the number of authenticated users exceeds the upper limit of the number
of users allowed access the network, those extra users can not access the network.
Examples: Setting port 1/3 to allow 5 users.
Switch(Config-If-Ethernet1/3)#dot1x max-user userbased 5
25.15 dot1x port-control
Command: dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control
Function: Sets the 802.1x authentication status; the ―no dot1x port-control‖ command
restores the default setting.
Parameters: auto enable 802.1x authentication, the port authorization status is
determined by the authentication information between the switch and the supplicant;
force-authorized sets port to authorized status, unauthenticated data is allowed to pass
through the port; force-unauthorized will set the port to non-authorized mode, the switch
will not provide authentication for the supplicant and prohibit data from passing through
the port.
Command mode: Port configuration Mode
Default: When 802.1x is enabled for the port, auto is set by default.
Usage Guide: If the port needs to provide 802.1x authentication for the user, the port
authentication mode should be set to auto.
Example: Setting port1/1 to require 802.1x authentication mode.
Switch(config)#interface ethernet 1/1
Switch(Config-If-Ethernet1/1)#dot1x port-control auto