Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

701

702

703

704

705

706

707

708

709

710

seq 37 permit ip host 1.1.1.1 host 2.2.2.2 dscp 63 ecn 3 fragments log monitor no-

drop order 254

seq 42 permit ip any host 150.0.0.100 dscp 63 ecn 3

seq 47 permit ip 100.0.0.0/28 200.0.0.0/23

seq 52 permit ip 100.0.0.0/16 any

seq 57 permit icmp host 1.1.1.1 200.0.0.0/23

seq 62 permit icmp any 200.0.0.0/27

seq 67 permit icmp host 1.1.1.1 any

seq 72 permit udp 1.1.1.1 1.1.1.1 eq 65535 2.2.2.2 2.2.2.2 eq 65535

Extended Ingress IP access list __Rad1_388f179100 on GigabitEthernet 2/1(Radius-

ACL)Supplicant MAC-38:8f:17:91:00:00

Total cam count 4

seq 5 permit ip host 100.0.0.1 host 150.0.0.100 count (0 packets)

seq 10 deny ip host 100.0.0.1 host 100.0.0.2 count (0 packets)

seq 15 permit ip host 100.0.0.10 host 150.0.0.100 count (0 packets)

show dot1x interface output:

DellEMC#show dot1x interface gigabitethernet 1/3

802.1x information on Gi 1/3:

-----------------------------

Dot1x Status: Enable

Port Control: AUTO

Re-Authentication: Disable

Guest VLAN: Disable

Guest VLAN id: NONE

Auth-Fail VLAN: Disable

Auth-Fail VLAN id: NONE

Auth-Fail Max-Attempts: NONE

Critical VLAN: Disable

Critical VLAN id: NONE

Mac-Auth-Bypass: Disable

Mac-Auth-Bypass Only: Disable

Static-MAB: Disable

Static-MAB Profile: NONE

Tx Period: 30 seconds

Quiet Period: 60 seconds

ReAuth Max: 2

Supplicant Timeout: 30 seconds

Server Timeout: 30 seconds

Re-Auth Interval: 3600 seconds

Max-EAP-Req: 2

Host Mode: MULTI_AUTH

Max-Supplicants: 128

Port status and State info for Supplicant: 06:32:42:61:00:00

Port Auth Status: AUTHORIZED

Untagged VLAN id: None

ACL Name: __Rad_3_632426100

Auth PAE State: Authenticated

Backend State: Idle

Filter-Id attribute

The NAS dynamically applies the ACLs that are created using a OS9 CLI to a supplicant after authentication. Dell EMC

Networking OS allows to apply the same filter for user ACL and RADIUS ACL on different interfaces.

NOTE: It is not recommended to configure the same filter both as a user ACL and RADIUS ACL on an interface.

Any change in the filter such as adding a new filter rule and removing a filter rule takes effect immediately on the RADIUS ACL

as the rules are provisioned in the NAS.

When the filter rules have unsupported filters, the NAS ignores all the unsupported filters and applies only the supported filters

in the filter rules.

If a filter name that is not configured in the NAS is used, NAS creates a filter without any filter rules and authorizes the

supplicant with that name with no filter rules.

708

Security