DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
421
50.
Network Access Authentication Commands
50-1 authentication guest-vlan
This command is used to configure the guest VLAN setting. Use the
no
form of this command to
remove the guest VLAN.
authentication guest-vlan
VLAN-ID
no authentication guest-vlan
Parameters
VLAN-ID
Specifies the authentication guest VLAN.
Default
None.
Command Mode
Interface Configuration Mode.
Command Default Level
Level: 12.
Usage Guideline
This command cannot be configured if the specified VLAN does not exist as a static VLAN. The host
cannot access the network until it passes the authentication. If the guest VLAN is configured, the host
is allowed to access the guest VLAN without passing the authentication. During authentication, if the
RADIUS server assigns a VLAN to the user, then the user will be authorized to this assigned VLAN.
Guest VLAN and VLAN assignment does not take effect on trunk VLAN port and VLAN tunnel port.
Normally guest VLAN and VLAN assignment are functioning for hosts that connect to untagged ports.
It may cause unexpected behavior if it is functioning on hosts that send tagged packets.
If the authentication host-mode is set to
multi-host
, the port will be added as a guest VLAN member
port and the PVID of the port will change to guest VLAN. Traffic that comes from guest VLAN can be
forward whatever whether authenticated. Traffic that comes from other VLANs will still be dropped
until it pass authentication. When one host passes authentication, the port will leave the guest VLAN
and be added to the assigned VLAN. The PVID of the port will be changed to the assigned VLAN.
If the authentication host-mode is set to
multi-auth
, the port will be added as a guest VLAN member
port and the PVID of the port will be changed to a guest VLAN. Hosts that are allowed to access the
guest VLAN are forbidden to access other VLANs until it pass authentication. When one host passes
authentication, the port will stay in the guest VLAN, the PVID of the port will not be changed.
If guest VLAN is disabled, the port will exit the guest VLAN and return to the native VLAN. The PVID
will change to the native VLAN.
Example
This example shows how to specify VLAN 5 as a guest VLAN.
Switch# configure terminal
Switch(config)# interface eth1/0/1
Switch(config-if)# authentication guest-vlan 5
Switch(config-if)#
50-2 authentication host-mode
This command is used to specify the authentication mode. Use the
no
form of this command to revert
to the default setting.
Summary of Contents for DGS-1510 Series
Page 1: ...1 0 ...
Page 27: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 24 ...
Page 281: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 278 ...
Page 336: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 333 ...
Page 475: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 472 ...
Page 695: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 692 ...