Manualshelf

mac

ManualsBrandsip ManualsNetworkingipv6
391392393394395396397398399400
392
25.16 dot1x port-method
Command: dot1x port-method {macbased | portbased | userbased {standard |
advanced}}
no dot1x port-method
Function: To configure the access control method of appointed interface. The no form
command restores the default access control method.
Parameter: macbased means the access control method based on MAC address
portbased means the access control method based on port
userbased means the access control method based on user, it can be
divided into two types, one is standard access control method, and the other is advanced
access control method
Command mode: Port Configuration Mode.
Default: Advanced access control method based on user is used by default.
Usage Guide: This command is used to configure the dot1x authentication method for the
specified port. When port based authentication is applied, only one host can authenticate
itself through one port. And after authentication, the host will be able to access all the
resources. When MAC based authentication is applied, multiple host which are connected
to one port can access all the network resources after authentication. When either of the
above two kinds of access control is applied, un-authenticated host cannot access any
resources in the network.
When user based access control is applied, un-authenticated users can only access
limited resources of the network. The user based access control falls into two kinds the
standard access control and the advanced access control. The standard user based
access control does not limit the access to the limited resources when the host is not
authenticated yet. While the user based advanced access control can control the access
to the limited resources before authentication is done.
Notes: The 802.1x free resource must be configured first for standard control method
based on user.
Example: To configure the access control method based on port for Etherent1/4.
Switch(Config-If-Ethernet1/4)#dot1x port-method portbased
25.17 dot1x privateclient enable
Command: dot1x privateclient enable
no dot1x privateclient enable
Function: To configure the switch to force the authentication client to use private 802.1x