Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring Switch Authentication Features (Rev. 03)
802.1x Port-Based Authentication
© 2008 Foundry Networks, Inc.
Page 57 of 70
Command
Description
dot1x re-authenticate
Activates re-authentication for all supplicants that are connected
to a specified port.
dot1x multiple-hosts
Sets 802.1x to Multiple-Hosts mode on a specified port.
dot1x control-
direction permit-in-
traffic
Sets the dot1x traffic mode to Unidirectional Traffic Control per
port basis.
Setting the Control Type for a Specified Port
The
dot1x port-control
command, in Interface Configuration mode, sets 802.1x control type for
the specified port. The
no
form of this command disables the dot1x for the specified port.
By default, the mode is force-authorized.
NOTE
When
learning new-address
is disabled per port, 802.1x will not function correctly.
device-name
(config-if
UU/SS/PP
)#dot1x port-control auto
Warning! Dot1x port control may not work correctly since learning is disabled on
the port.
Command Syntax
device-name
(config-if
UU/SS/PP
)#
dot1x port-control
{
auto
|
force-
authorized
|
force-unauthorized
}
device-name
(config-if
UU/SS/PP
)#
no dot1x port-control
Argument Description
auto
Sets 802.1x to auto mode on the specified port. Enables 802.1x on the
specified interface with the default Single-Host mode.
force-authorized
Sets 802.1x in Force-Authorized mode on the specified port.
force-
unauthorized
Set 802.1x in Force-Unauthorized mode.
Example
device-name
(config)#
interface 1/1/1
device-name
(config-if 1/1/1)#
dot1x port-control auto
Forcing Re-authentication for a Specified Port
The
dot1x re-authenticate
command, in Interface Configuration mode, activates re-authentication
for all supplicants that are connected to the specified port.
Command Syntax
device-name
(config-if
UU/SS/PP
)#
dot1x re-authenticate