xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
210
28
802.1X
C
OMMANDS
The Switch implements the server-side of the IEEE 802.1x Port-based and MAC-based Network Access Control. This mechanism is
intended to allow only authorized users, or other network devices, access to network resources by establishing criteria for each port on
the Switch that a user or network device must meet before allowing that port to forward or receive frames.
Command Parameters
enable 802.1x
disable 802.1x
show 802.1x auth_state
{ports [<portlist> | all]}
show 802.1x auth_configuration
{ports [<portlist> | all]}
config 802.1x capability ports
[<portlist> | all] [authenticator | none]
config 802.1x auth_parameter ports
[<portlist> | all] [default | {direction [both | in] | port_control [force_unauth |
auto | force_auth] | quiet_period <sec 0-65535> | tx_period <sec 1-65535> |
supp_timeout <sec 1-65535> | server_timeout <sec 1-65535> | max_req
<value 1-10> | reauth_period <sec 1-65535> | enable_reauth [enable |
disable]}]
config 802.1x init
[port_based ports [<portlist> | all] | mac_based [ports] [<portlist> |all]
{mac_address <macaddr>}]
config 802.1x auth_mode
[port_based | mac_based]
config 802.1x reauth
{port_based ports [<portlist> | all] | mac_based [ports] [<portlist> |all]
{mac_address <macaddr>}]
config radius add
<server_index 1-3> <server_ip> key <passwd 32> [default | {auth_port
<udp_port_number 1-65535> | acct_port <udp_port_number 1-65535>}]
config radius delete
<server_index 1-3>
config radius
<server_index 1-3> {ipaddress <server_ip> | key <passwd 32> [auth_port
<udp_port_number 1-65535> acct_port <udp_port_number 1-65535>]}
show radius
show acct_client
show auth_client
show auth_diagnostics
{ports [<portlist> | all]}
show auth_session statistics
{ports [<portlist> | all]}
show auth_statistics
{ports [<portlist> | all]}
create 802.1x user
<username 15>
show 802.1x user
delete 802.1x user
create 802.1x guest_vlan
<vlan_name 32>
config 802.1x guest_vlan ports
[<portlist> | all] state [enable | disable]
show 802.1x guest_vlan
delete 802.1x guest_vlan
<vlan_name 32>
Each command is listed, in detail, in the following sections