690
Field
Description
Anonymous
identifier
802.1X client anonymous identifier.
SSL client policy
SSL client policy used by the 802.1X client feature.
FSM state
802.1X client authentication state:
•
Init
—The authentication process starts.
•
Connecting
—The 802.1X client is connecting to the authenticator.
•
Authenticating
—The 802.1X client is being authenticated.
•
Authenticated
—The 802.1X client has been authenticated.
•
Held
—The 802.1X client is waiting for authentication.
EAPOL-Start
packets
Number of sent EAPOL-Start packets.
dot1x supplicant anonymous identify
Use
dot1x supplicant anonymous identify
to configure an 802.1X client anonymous identifier.
Use
undo dot1x supplicant anonymous identify
to restore the default.
Syntax
dot1x supplicant anonymous identify
identifier
undo dot1x supplicant anonymous identify
Default
No 802.1X client anonymous identifier exists.
Views
Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Parameters
identifier
: Specifies an 802.1X client anonymous identifier, a case-sensitive string of 1 to 253
characters.
Usage guidelines
At the first authentication phase, packets sent to the authenticator are not encrypted. The use of an
802.1X client anonymous identifier prevents the 802.1X client username from being disclosed at the
first phase. The 802.1X client-enabled device sends the anonymous identifier to the authenticator
instead of the 802.1X client username. The 802.1X client username will be sent to the authenticator
in encrypted packets at the second phase.
If no 802.1X client anonymous identifier is configured, the device sends the 802.1X client username
in the first phase.
The configured 802.1X client anonymous identifier takes effect only if one of the following EAP
authentication methods is used:
•
PEAP-MSCHAPv2.
•
PEAP-GTC.
•
TTLS-MSCHAPv2.