HP xw460c Blade manual 802.1x Global configuration, Mode force, Unauthautoforce-auth

Page 110

[802.1x Configuration Menu]

 

global

- Global 802.1x configuration menu

port

- Port 802.1x

configuration menu

ena

- Enable 802.1x access control

dis

- Disable 802.1x access control

cur

- Show 802.1x

configuration

This feature allows you to configure the GbE2c as an IEEE 802.1x Authenticator, to provide port-based network access control. The following table describes the 802.1x Configuration Menu options.

Table 103 802.1x Configuration Menu options

Command

Description

 

 

global

Displays the global 802.1x Configuration Menu.

 

 

port <port number>

Displays the 802.1x Port Menu.

 

 

ena

Globally enables 802.1x.

 

 

dis

Globally disables 802.1x.

 

 

cur

Displays current 802.1x parameters.

 

 

802.1x Global configuration

Command: /cfg/l2/8021x/global

[802.1x Global Configuration Menu]

mode

- Set access control mode

qtperiod

- Set EAP-Request/Identity quiet time interval

txperiod

- Set EAP-Request/Identity retransmission timeout

suptmout

- Set EAP-Request retransmission timeout

svrtmout

- Set server authentication request timeout

maxreq

- Set max number of EAP-Request retransmissions

raperiod

- Set reauthentication time interval

reauth

- Set reauthentication status to on or off

default

- Restore default 802.1x configuration

cur

- Display current 802.1x configuration

The global 802.1x menu allows you to configure parameters that affect all ports in the switch. The following table describes the 802.1x Global Configuration Menu options.

Table 104 802.1x Global Configuration Menu options

Command

Description

 

 

 

mode force-

Sets the type of access control for all ports:

unauthautoforce-auth

force-unauth- the port is unauthorized unconditionally.

 

auto - the port is unauthorized until it is successfully authorized by the

 

RADIUS server.

 

force-auth- the port is authorized unconditionally, allowing all traffic.

 

The default value is force-auth.

 

 

 

qtperiod <0-65535>

Sets the time, in seconds, the authenticator waits before transmitting an EAP-

 

Request/ Identity frame to the supplicant (client) after an authentication failure

 

in the previous round of authentication. The default value is 60 seconds.

 

 

 

txperiod <1-65535>

Sets the time, in seconds, the authenticator waits for an EAP-Response/Identity

 

frame from the supplicant (client) before retransmitting an EAP-Request/Identity

 

frame. The default value is 30 seconds.

 

 

 

suptmout <1-65535>

Sets the time, in seconds, the authenticator waits for an EAP-Response packet

 

from the supplicant (client) before retransmitting the EAP-Request packet to the

 

authentication server. The default value is 30 seconds.

 

 

 

svrtmout <1-65535>

Sets the time, in seconds, the authenticator waits for a response from the Radius

 

server before declaring an authentication timeout. The default value is 30

 

seconds.

 

The time interval between transmissions of the RADIUS Access-Request packet

 

containing the supplicant’s (client’s) EAP-Response packet is determined by the

 

current setting of /cfg/sys/radius/timeout (default is 3 seconds).

 

 

 

 

Configuration Menu 110

Page 109 Page 111
Image 110
Page 109 Page 111
Contents HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Page Contents Statistics Menu Configuration Menu 111 Index Command line interface Additional references Connecting to the switchIntroduction Establishing a console connectionEstablishing a Telnet connection Setting an IP addressTelnet GbE2c Ethernet Blade Switch IP address Establishing an SSH connectionAccessing the switch # ssh user@GbE2c Ethernet Blade Switch IP addressIdle timeout Typographical conventions AaBbCc123Main Menu Menu summaryTraceroute host name IP address max-hops msec Global commandsDelay Command line history and editing Telnet hostname IP address portCommand abbreviation Command line interface shortcutsCommand stacking Tab completionMain# /cfg Configuring Simple Network Management Protocol support# /cfg/sys/access/snmp disableread onlyread/write # /cfg/sys/ssnmp/rcommwcommSystem# apply System# save Setting passwordsChanging the default administrator password Changing the default user password Changing the default operator password Information Menu Menu overviewSystem Information Menu SNMPv3 Information MenuComm AdminshaSNMPv3 USM User Table information V1v2onlySNMPv3 Access Table information SNMPv3 View Table informationPrefix SNMPv3 Group Table informationSNMPv3 Community Table information SNMPv3 Target Address Table information SNMPv3 Target Parameters Table informationSec Level Command /info/sys/snmpv3/notify NameTag V1v2trapv1v2trapSNMPv3 Notify Table information SNMPv3 dump System information Show last 100 syslog messages System user information8021x Stp Cfg/sys/access/user/uid commandLayer 2 information Port port number FDB information menuFind MAC address Vlan Link Aggregation Control Protocol information Show all FDB informationLacp dump 802.1x information Command /info/l2/stp Port Auth ModeAuthenticator PAE State Spanning Tree informationPriority bridge Current RootPath-Cost HelloDesg 8017 P2P2,Edge Rapid Spanning Tree and Multiple Spanning Tree informationDesignated port Desg 8018Disabled DSB Common Internal Spanning Tree information Discarding Disc , Learning LRN , Forwarding FWD , or Disabled DSBTrunk group information Layer 3 information Vlan informationLayer 2 general information Gw IP address Route informationFind IP address If IP addressShow all IP Route information Show all ARP entry information Command /info/arp/dump IP address Flags MAC addressARP information VlanDbase Sumaddr Nsumadd Routes Dump Ospf informationNbr nbr router-id A.B.C.D Ospf Database information menu Ospf general informationOspf interface information Ext adv-rtr A.B.C.D linkstateid A.B.C.Dself Advrtr router-id A.B.C.DAsbrsum adv-rtr A.B.C.D Linkstateid A.B.C.Dself Nw adv-rtr A.B.C.D linkstateid A.B.C.DselfRIP Routes information Ospf route codes informationRouting Information Protocol information Igmp multicast group information RIP user configurationIP information Vrrp information Command /info/l3/vrrp Vrrp informationIgmp multicast router port information QoS Menu 8021p Show QOS 802.1p information QoS information802.1p information 8021pACL information Rmon Information MenuRmon history information IntervalRmon event information Rmon alarm informationCommand /info/rmon/event Link status information VLANs Command /info/port Port Tag Rmon PvidPort information Logical Port to GEA Port mapping Command /info/geaport Logical Port GEA Port0-based GEA UnitUplink Failure Detection Enabled LtM status Down Member Uplink Failure Detection informationCommand /info/dump Information dumpUfd clear Menu informationNtp clear Port Statistics Menu AuthSuccessesWhile Authenticating802.1x statistics Supplicant Bridging statisticsBackendNonNakResponsesFrom Ethernet statistics Dot3StatsSingleCollisionFrames Dot3StatsFCSErrorsDot3StatsInternalMacTransmitErrors Dot3StatsMultipleCollisionFramesInterface statistics Internet Protocol IP statistics Link statisticsPort Rmon statistics Layer 2 statistics FDB statisticsArp clear Lacp statisticsLayer 3 statistics Clrigmp 1- 4095 allIP statistics GEA Layer 3 statistics menuGEA Layer 3 statistics L3 bucket for An IP address DumpRoute statistics ARP statisticsDNS statistics Icmp statisticsTCP statistics UDP statistics Ospf statistics menu Command /stats/l3/ospfIgmp Multicast Group statistics Ospf stats MenuOspf global statistics Tx ls Updates Nbr changeTimers Kickoff Vrrp statisticsRIP statistics Command /stats/l3/ripManagement Processor statistics Packet statisticsAllocs 10ad41e8/10ad5790ACL statistics Access Control List ACL statistics menuCPU statistics Snmp statistics Only NTP statistics Statistics dump Command /stats/dumpUplink Failure Detection statistics Number of times LtM link in BlockingConfiguration Menu Viewing pending changes Saving the configurationViewing, applying, reverting, and saving changes Applying pending changesSystem configuration RemindersBannr 1-80 characters System host log configurationLine to end Host IP addressLog featureall enabledisable Secure Shell Server configurationConsole disableenable Intrval Radius server configurationCommand /cfg/sys/radius Sshport TCP port numberTACACS+ server configuration Telnet enabledisable Port TCP port numberDlight disableenable NTP server configurationSystem Snmp configuration Command /cfg/sys/ssnmpCharacters SNMPv3 configurationName 1-64 characters User Security Model configuration V1v2 disableenableTree 1-32 characters SNMPv3 View configurationName 1-32 characters Mask 1-32 charactersUsmsnmpv1snmpv2 Level View-based Access Control Model configurationSNMPv3 Group configuration NoAuthNoPrivauthNoDel Deletes the vacmSecurityToGroup entry Cur SNMPv3 Community Table configurationUsmsnmpv1snmpv2 Uname Addr transport SNMPv3 Target Address Table configurationSNMPv3 Target Parameters Table configuration Address ip Port transportSNMPv3 Notify Table configuration Snmpv1snmpv2csnmp ModelSystem Access configuration Management Networks configurationUseroperadmin Name User Access Control configurationUser ID configuration Access enabledisable Port configurationHttps Access configuration Name 1-64 characters none Port link configuration Temporarily disabling a portPort ACL/QoS configuration Layer 2 configuration802.1x configuration Unauthautoforce-auth 802.1x Global configurationMode force 802.1x Port configuration Reauth onoffMode rstpmstp RevPort parameter menu Common Internal Spanning Tree configurationBridge parameter menu 4095Cist bridge configuration Cist port configurationCost Spanning Tree configurationEdge disableenable Link autop2psharedBridge Spanning Tree configuration Spanning Tree port configuration Cur Display current port Spanning Tree parametersFastfwd disableenable Forwarding Database configurationStatic FDB configuration Clear mac MAC AddressVLAN 1-4095 Port port numberAll Trunk configurationMAC address Vlan port Add port numberLink Aggregation Control Protocol configuration IP Trunk Hash configurationLayer 2 IP Trunk Hash configuration Timeout shortlong Lacp Port configurationVlan configuration Mode offactivepassiveList of port numbers Layer 3 configurationPort number Mask IP subnet mask IP interface configurationAddr IP address IP Static Route configuration Default Gateway configurationNetwork Filter configuration Address Resolution Protocol configurationIP Forwarding configuration Dirbr disableenableLp 0-4294967294 none Route Map configurationAp AS number AS number AS Metric 1-4294967294none IP Access List configurationAutonomous System Path configuration Action permitdenyRouting Information Protocol configuration RIP Interface configuration Add 1-32 1-32all Open Shortest Path First configurationRIP Route Redistribution configuration Remove 1-32 1-32allMd5key 1-255 characters Osfp Area Index configurationDefault 1-16777215 12none Redist fixedstaticripAreaid IP address Ospf Summary Range configurationAuth nonepasswordmd5 Type transitstubnssaKey key stringnone Ospf Interface configurationMask IP address mask Mdkey 1-255noneNbr IP address Ospf Virtual Link configurationKey password Rem 1-32 1-32 ... all Ospf Host Entry configurationOspf Route Redistribution configuration Export 1-16777215 12noneIgmp configuration Ospf MD5 Key configurationFastlv 1-4095 disableenable Igmp snooping configurationAggr disableenable Srcip IP addressAdd port number 1-4095 Igmp static multicast router configurationIgmp filtering configuration FilterRange IP multicast address IP Igmp filtering port configurationIgmp filter definition Multicast addressBootstrap Protocol Relay configuration Domain Name System configurationVirtual Router Redundancy Protocol configuration Vrrp Virtual Router configurationPreem disableenable Vrs disableenable Vrrp Virtual Router Priority Tracking configurationVrrp Virtual Router Group configuration Ifs disableenableVrrp Virtual Router Group Priority Tracking configuration Passw password Vrrp Interface configurationVrrp Tracking configuration QoS 802.1p configuration Quality of Service configurationAccess Control configuration Action permitdenysetprio Access Control List configurationEgrport port number Stats edACL Ethernet Filter configuration ACL IP Version 4 Filter configurationFlags value 0x0-0x3f ACL TCP/UDP Filter configurationSport 1-65535 port mask Enable ed ACL Meter configurationACL Re-mark configuration CirACL Re-mark Out-of-Profile configuration ACL Re-mark In-Profile configurationACL Re-mark In-Profile Update User Priority configuration ACL Group configuration Remote Monitoring configurationACL Packet Format configuration Owner 1-127 characters Rmon history configurationIfoid 1-127 characters Descn 1-127 characters Rmon event configurationRmon alarm configuration Type nonelogtrapboth2147483647 Port mirroringRlimit -2147483647 to Flimit -2147483647 toAdd mirrored port inoutboth Uplink Failure Detection configurationPort-based port mirroring Rem mirrored portAddport port number Failure Detection Pair configurationLink to Monitor configuration Remport port numberDump Saving the active switch configurationLink to Disable configuration Addport port number Remport port numberConfiguration# gtcfg FTP/TFTP server filename Restoring the active switch configurationCommand /cfg/gtcfg FTP/TFTP server filename Operations Menu Operations-level port optionsOperations-level Vrrp options Reset ReauthOperations-level port 802.1x options Updating the switch software image Downloading new software to the switchSelecting a software image to run AddressBoot Options# ptimg Uploading a software image from the switchSelecting a configuration block Boot Options# confBoot Options# reset Resetting the switchAccessing the Iscli Boot Options# curMaintenance Menu Flags new Nvram flags word as System maintenance optionsForwarding Database options 0xXXXXXXXXDebugging options ARP cache optionsBroadcastmartian IP Route Manipulation optionsIgmp Multicast Group options Igmp Snooping options Igmp Mrouter optionsClearing dump information Uuencode flash dumpFTP/TFTP system dump put Confirm dump and reboot y/n y Panic commandCommand /maint/panic Unscheduled system dumpsIndex
Related manuals
Manual 33 pages 57.51 Kb
Top Page Image Contents