User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS SAFEGUARD CONTROLLER

261

262

263

264

265

266

267

268

269

270

OmniAccess SafeGuard OS Administration Guide

266

Chapter 6: Configuring Authentication and Role Derivation

no aaa dot1x port-control all

The following example sets the authentication mode to force-unauthorized:

(SafeGuardOS) # configure terminal

(SafeGuardOS) (config) # aaa dot1x port-control all force-unauthorized

(SafeGuardOS) (config) # exit

To Set for an Interface:

Use the aaa dot1x port-control command in Interface Configuration mode to set

the authentication mode for a specific port. Use the no version of the command to

return to the default value of

auto.

aaa dot1x port-control [auto | force-authorized | force-

unauthorized

]

Syntax Description auto (Default) Specifies that all ports

enforce 802.1x authentication

for 802.1x clients and grants

controlled access to an

authenticated 802.1x client.

802.1x communicates status

changes of clients with the

Authentication Manager.

force-unauthorized Specifies that all ports are

blocked and are

administratively unauthorized.

Traffic is prohibited in all

directions for all clients.

force-authorized Specifies that the ports act as if

802.1x is disabled. Any

authorized host connected to

the port does not need to

support 802.1x. The

Authentication Manager does

not receive the credentials for

the host but does receive the

port’s traffic because the

unauthenticated policy is still

applied. Instead, the

Authentication Manager

derives the credentials using

passive or active

authentication.