ECS4510 Series CLI Reference Guide-R03

ManualsBrandsEdgecore Networks ManualsEnterpriseL2+ Gigabit Ethernet Stackable Switch

271

272

273

274

275

276

277

278

279

280

Table Of Contents

Chapter 8

| Authentication Commands

802.1X Port Authentication

– 275 –

Command Mode

Privileged Exec

Command Usage

This command displays the following information:

◆ Global 802.1X Parameters – Shows whether or not 802.1X port authentication is

globally enabled on the switch (page 264).

◆ Authenticator Parameters – Shows whether or not EAPOL pass-through is

enabled (page 264).

◆ Supplicant Parameters – Shows the supplicant user name used when the switch

responds to an MD5 challenge from an authenticator (page 271).

◆ 802.1X Port Summary – Displays the port access control parameters for each

interface that has enabled 802.1X, including the following items:

■

Type – Administrative state for port access control (Enabled, Authenticator,

or Supplicant).

■

Operation Mode – Allows single or multiple hosts (page 266).

■

Control Mode – Dot1x port control mode (page 267).

■

Authorized – Authorization status (yes or n/a - not authorized).

◆ 802.1X Port Details – Displays the port access control parameters for each

interface, including the following items:

■

Reauthentication – Periodic re-authentication (page 268).

■

Reauth Period – Time after which a connected client must be re-

authenticated (page 269).

■

Quiet Period – Time a port waits after Max Request Count is exceeded

before attempting to acquire a new client (page 268).

■

TX Period – Time a port waits during authentication session before re-

transmitting EAP packet (page 270).

■

Supplicant Timeout – Supplicant timeout.

■

Server Timeout – Server timeout. A RADIUS server must be set before the

correct operational value of 10 seconds will be displayed in this field.

■

Reauth Max Retries – Maximum number of reauthentication attempts.

■

Max Request – Maximum number of times a port will retransmit an EAP

request/identity packet to the client before it times out the authentication

session (page 266).

■

Operation Mode– Shows if single or multiple hosts (clients) can connect to

an 802.1X-authorized port.

■

Port Control–Shows the dot1x mode on a port as auto, force-authorized, or

force-unauthorized (page 267).

■

Intrusion Action– Shows the port response to intrusion when

authentication fails (page 265).

■

Supplicant– MAC address of authorized client.