User Guide
OmniAccess SafeGuard OS Administration Guide
267
Chapter 6: Configuring Authentication and Role Derivation
no aaa dot1x port-control
The following example sets the authentication mode to force-authorized on
interface 0/12:
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #interface 0/12
(SafeGuardOS) (interface 0/12) #aaa dot1x port-control force-authorized
(SafeGuardOS) (interface 0/12) #
4 Initialize the port for auto (dot1x initialize).
5 Verify your configuration with the show aaa dot1x command.
Displaying 802.1x Configuration Information
There are Privileged Exec show commands to display 802.1x configuration and 802.1x-
related information. See the following sections:
■ Showing a Detailed Configuration
■ Showing 802.1x Statistics
Syntax Description auto (Default) Specifies that all ports
enforce 802.1x authentication
for 802.1x clients and grants
controlled access to an
authenticated 802.1x client.
802.1x communicates status
changes of clients with the
Authentication Manager.
force-unauthorized Specifies that all ports are
blocked and are
administratively unauthorized.
Traffic is prohibited in all
directions for all clients.
force-authorized Specifies that the ports act as if
802.1x is disabled. Any
authorized host connected to
the port does not need to
support 802.1x. The
Authentication Manager does
not receive the credentials for
the host but does receive the
port’s traffic because the
unauthenticated policy is still
applied. Instead, the
Authentication Manager
derives the credentials using
passive or active
authentication.