Hà Nội: NTT03, Line 1, Thống Nhất Complex, 82 Nguyễn Tuân, Thanh Xuân, Hà Nội. ● HCM: Số 31B, Đường 1, Phường An Phú, Quận 2 (Thủ Đức), TP HCM. ===> Đơn Vị Hàng Đầu Trong Lĩnh Vực Cung Cấp Thiết Bị Security - Network - Wifi - CCTV - Conference - Máy chủ Server - Lưu trữ Storge.
Danh mục sản phẩm

Configure 802.1X Device Authentication

Configuration Condition

None

Enable the Authentication Function of 802.1X Device

To make the 802.1X device authentication function take effect on the authentication device, you need to enable the 802.1X authentication and 802.1X device authentication function at the same time. After the device authentication takes effect, the connected port of the authentication device and access device becomes the controlled port. After device authentication succeeds, the authentication device enables the controlled port, and the access device connects the network successfully.

Table 14–6 Enable the authentication function of the 802.1X device

Step

Command

Description

Enter global configuration mode

configure terminal

-

Enter the L2 Ethernet interface configuration mode

interface interface-name

Either

After entering the L2 Ethernet interface configuration mode, the subsequent configuration can only take effect on the current interface. After entering the aggregation group configuration mode, the subsequent configuration can only take effect on the aggregation group.

Enter the aggregation group configuration mode

interface link-aggregation link-aggregation-id

Enable the 802.1X authentication

dot1x port-control { enable | disable }

Mandatory

By default, the 802.1X authentication function in one port is disabled.

Enable the 802.1X device authentication

dot1x device-auth { enable | disable }

Mandatory

By default, the 802.1X device authentication function in one port is disabled.

note


  • You cannot enable the authentication function and MAC address authentication function of the 802.1X device on one port at the same time.
  • You cannot enable the authentication function and secure channel authentication function of the 802.1X device on one port at the same time.

Configure Keepalive Period of 802.1X Device Authentication

To detect whether the access device is online, after passing the authentication, the authentication device delivers the keepalive period of the configured 802.1X device authentication to the access device, and the access device initiates the keepalive authentication by the keepalive period. If the authentication device does not receive the keepalive authentication from the access device within three times of the keepalive period, it is regarded that the access device is not online, and change the port status to the controlled state.

Table 14–7 Configure the keepalive period of the 802.1X device authentication

Step

Command

Description

Enter global configuration mode

configure terminal

-

Enter the L2 Ethernet interface configuration mode

interface interface-name

Either

After entering the L2 Ethernet interface configuration mode, the subsequent configuration can only take effect on the current interface. After entering the aggregation group configuration mode, the subsequent configuration can only take effect on the aggregation group.

Enter the aggregation group configuration mode

interface link-aggregation link-aggregation-id

Configure the keepalive period of the 802.1X device authentication

dot1x device-auth keepalive period-value

Mandatory

By default, the keepalive period of the 802.1X device authentication in one port is 600s.