Timer and Maximum User Number Configuration
159
Configuring Basic 802.1x
Functions
CAUTION:
802.1x-related configurations can all be performed in system view. Port access control
mode and port access method can also be configured in port view.
If you perform a configuration in system view and do not specify the interface-list
argument, the configuration applies to all ports. Configurations performed in
Ethernet port view apply to the current Ethernet port only and the interface-list
argument is not needed in this case.
802.1x configurations take effect only after you enable 802.1x both globally and for
specified ports.
Timer and Maximum
User Number
Configuration
Table 122
Configure basic 802.1x functions
Operation
Command
Description
Enter system view
system-view
—
Enable 802.1x globally
dot1x
Required
By default, 802.1x is disabled
globally.
Enable 802.1x for
specified ports
Use the following command in
system view:
dot1x
[
interface
interface-list
]
Required
By default, 802.1x is disabled for all
ports.
Use the following command in
port view:
dot1x
Set port access control
mode for specified
ports
dot1x
port-control
{
authorized-force
|
unauthorized-force
|
auto
} [
interface
interface-list
]
Optional
By default, an 802.1x-enabled port
operates in an
auto
mode.
Set port access method
for specified ports
dot1x
port
-
method
{
macbased
|
portbased
} [
interface
interface-list
]
Optional
The default port access method is
MAC-address-based (that is, the
macbased
keyword is used by
default).
Set authentication
method for 802.1x
users
dot1x
authentication-method
{
chap
|
pap
|
eap }
Optional
By default, a switch performs CHAP
authentication in EAP terminating
mode.
Table 123
Configure 802.1x timers and the maximum number of users
Operation
Command
Description
Enter system view
system-view
-
Configure the
maximum number of
concurrent on-line
users for specified
ports
In system view:
dot1x
max-user
user-number
[
interface
interface-list
]
Optional
By default, up to 256 concurrent
on-line users are allowed on each
port.
In port view:
dot1x
max-user
user-number
Configure the
maximum retry times
to send request
packets
dot1x retry
max-retry-value
Optional
By default, the maximum retry
times to send a request packet is 2.
That is, the authenticator system
sends a request packet to a
supplicant system for up to two
times by default.
Summary of Contents for 4200G 12-Port
Page 10: ...8 CONTENTS...
Page 14: ...4 ABOUT THIS GUIDE...
Page 46: ...32 CHAPTER 5 LOGGING IN THROUGH WEB BASED NETWORK MANAGEMENT SYSTEM...
Page 48: ...34 CHAPTER 6 LOGGING IN THROUGH NMS...
Page 60: ...46 CHAPTER 9 VLAN CONFIGURATION...
Page 64: ...50 CHAPTER 10 MANAGEMENT VLAN CONFIGURATION...
Page 80: ...66 CHAPTER 13 GVRP CONFIGURATION...
Page 98: ...84 CHAPTER 15 LINK AGGREGATION CONFIGURATION...
Page 112: ...98 CHAPTER 18 MAC ADDRESS TABLE MANAGEMENT...
Page 126: ...112 CHAPTER 19 LOGGING IN THROUGH TELNET...
Page 162: ...148 CHAPTER 20 MSTP CONFIGURATION...
Page 274: ...260 CHAPTER 29 IGMP SNOOPING CONFIGURATION...
Page 276: ...262 CHAPTER 30 ROUTING PORT JOIN TO MULTICAST GROUP CONFIGURATION...
Page 298: ...284 CHAPTER 33 SNMP CONFIGURATION...
Page 304: ...290 CHAPTER 34 RMON CONFIGURATION...
Page 338: ...324 CHAPTER 36 SSH TERMINAL SERVICES...
Page 356: ...342 CHAPTER 38 FTP AND TFTP CONFIGURATION...
Page 365: ...Information Center Configuration Example 351 S4200G terminal logging...
Page 366: ...352 CHAPTER 39 INFORMATION CENTER...
Page 378: ...364 CHAPTER 40 BOOTROM AND HOST SOFTWARE LOADING...
Page 384: ...370 CHAPTER 41 Basic System Configuration and Debugging...
Page 388: ...374 CHAPTER 43 NETWORK CONNECTIVITY TEST...
Page 406: ...392 CHAPTER 45 CONFIGURATION OF NEWLY ADDED CLUSTER FUNCTIONS...