User Manual

ManualsBrandsPLANET Technology ManualsLAN SwitchesLayer 3 24-Port 10G SFP+ + 4-Port 100G QSFP28 Managed Switch

161

162

163

164

165

166

167

168

169

170

165

Users Manual of XGS-6350-24X4C

Run the following command to start up the 802.1x authentication:

Run… To…

dot1x port-control auto

Configure the 802.1x protocol control

method on the port.

aaa authentication dot1x {default

|list name} method

Configure the AAA authentication of

802.1x.

Run one of the following commands in port configuration mode to select 802.1x control method:

Run… To…

dot1x port-control auto

Start up the 802.1x authentication

method on the port.

dot1x port-control force-authorized

Approve the mandatory port

authentication.

dot1x port-control

force-unauthorized

Disapprove the mandatory port

authentication.

15.2.2 Configuring 802.1x Multiple Port Authentication

802.1x authentication is for the authentication of single host user. In this case, the switch allows only one user

to perform authentication and access control. Other users cannot be authenticated and access unless the

previous user exits authentication and access. In the case the port connects multiple hosts through switch

devices, such as 1108 switch, that do not support 802.1x, you can start up the multiple port access function to

make sure that all host users can access.

After a port is configured to multiple host authentication of 802.1x, the switch authenticates different host

users. When authentication is approved, the host will be allowed to access through the switch (the MAC

address of host is used for control). Theoretically, 802.1x cannot limit the number of host users. Because the

switch controls the user authentication through the MAC address of user, the number of host users will be

limited by the size of the MAC address table of the switch.

Run the following command in interface configuration mode to activate 802.1x multiple host authentication:

Run… To…

dot1x multiple-hosts

Set the 802.1x multiple port

authentication.

15.2.3 Configuring Maximum Times for 802.1x ID Authentication

When 802.1x authentication starts or 802.1x authentication is being performed again, 802.1x sends ID

authentication request to guest hosts. If the request message is dropped or delayed because network

problems, the requirement message will be sent again. If the message is resent certain times, 802.1x stops to

send the message and the ID authentication fails.

You can reset the maximum times of ID authentication request according to different network conditions,

ensuring the clients are authenticated successfully by the authentication server.