694
Parameters
cipher
: Specifies a password in encrypted form.
simple
: Specifies a password in plaintext form. For security purposes, the password specified in
plaintext form will be stored in encrypted form.
string
: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 127 characters. Its
encrypted form is a case-sensitive string of 1 to 201 characters.
Examples
# Set the 802.1X client password to
123456
in plaintext form on a port.
<Sysname> system-view
[Sysname] interface ten-gigabitethernet 1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] dot1x supplicant password simple 123456
Related commands
display dot1x supplicant
dot1x supplicant enable
dot1x supplicant ssl-client-policy
Use
dot1x supplicant ssl-client-policy
to specify an SSL client policy for an 802.1X client-enabled
device.
Use
undo dot1x supplicant ssl-client-policy
to restore the default.
Syntax
dot1x supplicant ssl-client-policy
policy-name
undo dot1x supplicant ssl-client-policy
policy-name
Default
An 802.1X client-enabled device uses the default SSL client policy.
Views
Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Parameters
policy-name
: Specifies an SSL client policy by its name, a case-insensitive string of 1 to 31
characters. Make sure the specified SSL client policy already exists.
Usage guidelines
If the PEAP-MSCHAPv2, PEAP-GTC, TTLS-MSCHAPv2, or TTLS-GTC authentication is used, the
802.1X client authentication process is as follows:
•
The first phase
—The device acts as an SSL client to negotiate with the SSL server.
The SSL client uses the SSL parameters specified in the specified SSL client policy to establish
a connection to the SSL server for negotiation. The SSL parameters include a PKI domain,
supported cipher suites, and the SSL version. For information about SSL client policies, see
Security Configuration Guide
.
•
The second phase
—The device uses the negotiated result to encrypt and transmit the
interchanged authentication packets.