Table of Contents
Advertisement
Port Control:
Re-Authentication:
Guest VLAN:
Guest VLAN id:
Auth-Fail VLAN:
Auth-Fail VLAN id:
Auth-Fail Max-Attempts:
Critical VLAN:
Critical VLAN id:
Mac-Auth-Bypass:
Mac-Auth-Bypass Only:
Static-MAB:
Static-MAB Profile:
Tx Period:
Quiet Period:
ReAuth Max:
Supplicant Timeout:
Server Timeout:
Re-Auth Interval:
Max-EAP-Req:
Host Mode:
Max-Supplicants:
Port status and State info for Supplicant: 7a:d9:d9:7d:00:00
Port Auth Status:
Untagged VLAN id:
Auth PAE State:
Backend State:
Port status and State info for Supplicant: 7a:d9:d9:7d:00:01
Port Auth Status:
Untagged VLAN id:
Auth PAE State:
Backend State:
Restricting Multi-Supplicant Authentication
To restrict the number of devices that 802.1X can authenticate on a port in multi-supplicant (multi-auth)
mode, enter the dot1x max-supplicants number command in Interface mode. By default, the maximum
number of multi-supplicant devices is 128.
Dell(conf-if-te-2/1)# dot1x max-supplicants 4
MAC Authentication Bypass
MAC authentication bypass (MAB) enables you to provide MAC-based security by allowing only known MAC
addresses within the network using a RADIUS server.
802.1X-enabled clients can authenticate themselves using the 802.1X protocol. Other devices that do not use
802.1X — like IP phones, printers, and IP fax machines — still need connectivity to the network. The guest
VLAN provides one way to access the network. However, placing trusted devices on the quarantined VLAN is
not the best practice. MAB allows devices that have known static MAC addresses to be authenticated using
AUTO
Disable
Disable
NONE
Disable
NONE
NONE
Disable
NONE
Disable
Disable
Disable
NONE
30 seconds
60 seconds
2
30 seconds
30 seconds
3600 seconds
2
MULTI_AUTH
128
AUTHORIZED
400
Authenticated
Idle
AUTHORIZED
400
Authenticated
Idle
802.1X
122
Advertisement
Table of Contents
Troubleshooting
