Reference Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S5000

1221

Defaults Not configured.

Command

Modes

CONFIGURATION (conf-if-interface-slot/port)

Command

History

Version 9.0(1.3) Introduced on the S5000.

Usage

Information

802.1X authentication is enabled when an interface is connected to the switch. If

the host fails to respond within a designated amount of time, the authenticator

places the port in the guest VLAN.

If a device does not respond within 30 seconds, it is assumed that the device is not

802.1X capable. Therefore, a guest VLAN is allocated to the interface and

authentication for the device occurs at the next re-authentication interval (dot1x

reauthentication).

If the host fails authentication for the designated amount of times, the

authenticator places the port in authentication failed VLAN (dot1x auth-fail-

vlan).

NOTE: The layer 3 portion of guest VLAN and authentication fail VLANs can be

created regardless if the VLAN is assigned to an interface or not. After an

interface is assigned a guest VLAN (which has an IP address), routing through

the guest VLAN is the same as any other traffic. However, the interface may

join/leave a VLAN dynamically.

Commands

dot1x auth-fail-vlan – configures a VLAN for authentication failures.

dot1x reauthentication – enables periodic re-authentication.

show dot1x interface – displays the 802.1X information on an interface.

dot1x max-eap-req

Configure the maximum number of times an extensive authentication protocol (EAP) request is

transmitted before the session times out.

S5000

Syntax

dot1x max-eap-req number

To return to the default, use the no dot1x max-eap-req command.

Parameters

number Enter the number of times an EAP request is transmitted

before a session time-out. The range is 1 to 10. The default is

Defaults 2

Command

Modes

INTERFACE

1226

Security