Command Reference Guide
352 CHAPTER 9: MANAGED ACCESS POINT COMMANDS
Defaults — When the WPA IE is enabled, 802.1X authentication of WPA
clients is enabled by default. If the WPA IE is disabled, the auth-dot1x
setting has no effect.
Access — Enabled.
History —Introduced in MSS Version 3.0.
Usage — This command does not disable dynamic WEP for non-WPA
clients. To disable dynamic WEP for non-WPA clients, enable the WPA IE
(if not already enabled) and disable the 40-bit WEP and 104-bit WEP
cipher suites in the WPA IE, if they are not already disabled.
To use 802.1X authentication for WPA clients, you also must enable the
WPA IE.
If you disable 802.1X authentication of WPA clients, the only method
available for authenticating the clients is preshared key (PSK)
authentication. To use this, you must enable PSK support and configure a
passphrase or key.
Examples — The following command disables 802.1X authentication for
WPA clients that use service profile wpa_clients:
WX4400# set service-profile wpa_clients auth-dot1x disable
success: change accepted.
See Also
display service-profile on page 302
set service-profile auth-psk on page 354
set service-profile psk-phrase on page 360
set service-profile wpa-ie on page 370
set service-profile
auth-fallthru
Specifies the authentication type for users who do not match an 802.1X
or MAC authentication rule for an SSID managed by the service profile.
When a user tries to associate with an SSID, MSS checks the
authentication rules for that SSID for a userglob that matches the
username. If the SSID does not have an authentication rule that matches
the username, authentication for the user falls through to the fallthru
method.