Manualshelf

Command Line Reference Guide

ManualsBrandsDell Manualscomputer componentsNetworking S5000
1141114211431144114511461147114811491150
dot1x auth-server
Configure the authentication server to RADIUS.
S5000
Syntax
dot1x auth-server radius
Defaults none
Command Modes CONFIGURATION
Command History
Version 9.0(1.3) Introduced on the S5000.
dot1x guest-vlan
Configure a guest VLAN for limited access users or for devices that are not 802.1X capable.
S5000
Syntax
dot1x guest-vlan vlan-id
To disable the guest VLAN, use the no dot1x guest-vlan vlan-id command.
Parameters
vlan-id
Enter the VLAN Identifier. The range is 1 to 4094.
Defaults Not configured.
Command Modes CONFIGURATION (conf-if-interface-slot/port)
Command History
Version 9.0(1.3) Introduced on the S5000.
Usage
Information
802.1X authentication is enabled when an interface is connected to the switch. If the host fails
to respond within a designated amount of time, the authenticator places the port in the guest
VLAN.
If a device does not respond within 30 seconds, it is assumed that the device is not 802.1X
capable. Therefore, a guest VLAN is allocated to the interface and authentication for the
device occurs at the next re-authentication interval (dot1x reauthentication).
If the host fails authentication for the designated amount of times, the authenticator places the
port in authentication failed VLAN (dot1x auth-fail-vlan).
NOTE: The layer 3 portion of guest VLAN and authentication fail VLANs can be created
regardless if the VLAN is assigned to an interface or not. After an interface is assigned a
guest VLAN (which has an IP address), routing through the guest VLAN is the same as any
other traffic. However, the interface may join/leave a VLAN dynamically.
1150