xStack
®
DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual
192
config 802.1x auth_parameter ports
Purpose Used to configure the 802.1X Authentication parameters on a range of ports. The default
parameter will return all ports in the specified range to their default 802.1X settings.
Syntax
config 802.1x auth_parameter ports [<portlist> | all] [default | {direction [both | in] |
port_control [force_unauth | auto | force_auth] | quiet_period <sec 0-65535> |
tx_period <sec 1-65535> | supp_timeout <sec 1-65535> | server_timeout <sec 1-
65535> | max_req <value 1-10> | reauth_period <sec 1-65535> | max_users [<value
1-128> | no_limit] | enable_reauth [enable | disable]}] (1)
Description This command is used to configure the 802.1X Authentication parameters on a range of
ports. The default parameter will return all ports in the specified range to their default
802.1X settings.
Parameters
<portlist> − Specifies a port or range of ports to be configured. The port list is specified by
listing the lowest switch number and the beginning port number on that switch, separated
by a colon. Then the highest switch number, and the highest port number of the range
(also separated by a colon) are specified. The beginning and end of the port list range are
separated by a dash. For example, 1:3 specifies switch number 1, port 3. 2:4 specifies
switch number 2, port 4. 1:3–2:4 specifies all of the ports between switch 1, port 3 and
switch 2, port 4 − in numerical order. Non–contiguous portlist entries are separated by a
comma. (ex: 1:1–1:3,1:7–1:9)
all − Specifies all of the ports on the Switch.
default − Returns all of the ports in the specified range to their 802.1X default settings.
direction [both | in] − Determines whether a controlled port blocks communication in both
the receiving and transmitting directions, or just the receiving direction.
port_control − Configures the administrative control over the authentication process for
the range of ports. The user has the following authentication options:
• force_auth − Forces the Authenticator for the port to become authorized.
Network access is allowed.
• auto
−
Allows the port’s status to reflect the outcome of the authentication
process.
• force_unauth − Forces the Authenticator for the port to become unauthorized.
Network access will be blocked.
quiet_period <sec 0–65535> − Configures the time interval between authentication failure
and the start of a new authentication attempt.
tx_period <sec 1–65535> – Configures the time to wait for a response from a supplicant
(user) to send EAP Request/Identity packets.
supp_timeout <sec 1–65535> – Configures the time to wait for a response from a
supplicant (user) for all EAP packets, except for the Request/Identity packets.
server_timeout <sec 1–65535> – Configure the length of time to wait for a response from
a RADIUS server.
max_req <value 1–10> − Configures the number of times to retry sending packets to a
supplicant (user).
reauth_period <sec 1–65535> − Configures the time interval between successive re–
authentications.
max_users <value 1-128> |no_limit- Specifies per port maximum number of users. The
range is 1 to 128. The default value is 16.
enable_reauth [enable | disable] − Determines whether or not the Switch will re–
authenticate. Enabled causes re–authentication of users at the time interval specified in
the Re–authentication Period field, above.
Restrictions Only Administrator and Operator-level users can issue this command.
Example usage:
To configure 802.1X authentication parameters for ports 1 to 20 on module 1:
