Manualshelf

Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3
51525354555657585960
Port Commands
Port Commands
5 – 61
For 802.1X clients, wired authentication works only if the clients are directly attached to the wired
authentication port, or are attached through a hub that does not block forwarding of packets from
the client to the PAE group address (01:80:c2:00:00:03). Wired authentication works in accordance
with the 802.1X specification, which prohibits a client from sending traffic directly to an
authenticator MAC address until the client is authenticated. Instead of sending traffic to the
authenticator MAC address, the client sends packets to the PAE group address. The 802.1X
specification prohibits networking devices from forwarding PAE group address packets, because
this would make it possible for multiple authenticators to acquire the same client.
For non-802.1X clients, who use MAC authentication, WebAAA, or last-resort authentication,
wired authentication works if the clients are directly attached or indirectly attached.
Examples
The following command sets port 10 for a wired authentication user:
MX# set port type wired-auth 10
success: change accepted
Examples
The following command sets port 7 for a wired authentication user and specifies a
maximum of three simultaneous user sessions:
MX# set port type wired-auth 7 max-sessions 3
success: change accepted
See Also
clear port type on page 5-46
set port type ap on page 5-59
show port counters
Displays port statistics.
Syntax
show port counters [octets | packets | receive-errors | transmit-errors |
collisions | receive-etherstats | transmit-etherstats] [port
port-list]
Table 5– 6. Wired Authentication Port Defaults
Port Parameter Setting
VLAN membership Removed from all VLANs. You cannot assign an MP access
port to a VLAN. MSS automatically assigns MP access ports to
VLANs based on user traffic.
Spanning Tree Protocol (STP) Not applicable
802.1X Uses authentication parameters configured for users.
Port groups Not applicable
IGMP snooping Enabled as users are authenticated and join VLANs.
Maximum user sessions 1 (one).
Fallthru authentication type None.
octets Displays octet statistics.
packets Displays packet statistics.
receive-errors Displays errors in received packets.
transmit-errors Displays errors in transmitted packets.
collisions Displays collision statistics.