Specifications

ManualsBrandsDigitalchina Networks ManualsComputer equipmentDCS-3950 series

241

242

243

244

245

246

247

248

249

250

234

DCS-3950 series Ethernet switch manual

sets port-based access management.

Command mode: Interface Mode

Default: None.

Usage Guide:

For MAC-based access management, Multi-user is allowed to authenticate.For

port-based access management only one user is allowed to authenticate.For both

MAC-based and port-based access management, None of the network resource is

available for unauthorized user.

For user-based standard access management, the special network resource is

available for unauthorized user, all the network resource is available for authorized user.

For user-based acvanced access management, the special network resource is available

only for special unauthorized user, all the network resource is available for authorized

user.

Webbased access management is used mostly in L3 switch.The global configuration

of WEB authentication agent and HTTP redirection address is needed before setting the

port to Webbased access management. Webbased access management is conflicted with

the command of ‘ip dhcp snooping binding user-control’.

Notes: For user-based standard access management, 802.1x must be configed first.

Example: Setting port-based access management for port 0/0/4.

Switch(Config-Ethernet0/0/4)#dot1x port-method userbased standard

14.2.2.15 dot1x privateclient enable

Command: dot1x privateclient enable

no dot1x privateclient enable

Function: Enable private 802.1x messages for 802.1x client for DCS-3950 series

switches. If no is put in front of the command, the private messages will be disabled.

Command mode: Global Mode.

Default: Private 802.1x messages for clients are disabled by default.

Usage Guide: To implement DCN network solution, the private 802.1x messages are a

must. Or many DCN network feature can not be configured. For more detail, please refer

to the DCN DCBI overall network solution. If the switch is configured to use private 802.1x

messages for authentication, the standard 802.1x will not be able to connect to the switch.

Example:Enable the private 802.1x messages for the switch.

Switch(Config)#dot1x privateclient enable

14.2.2.16 dot1x re-authenticate

Command: dot1x re-authenticate [interface <interface-name>]

Function: Enable real-time 802.1x re-authentication (no wait timeout requires) for all

ports or a specified port.

Parameters: <interface-nam> stands for port number, omitting the parameter for all

ports.

Command mode: Admin Mode