802.1x Port configuration | HP 445942-001 specs

Configuration Commands

Table 102 802.1x Global Configuration commands

Command	Description

show dot1x	Displays current global 802.1x parameters.
	Command mode: All

802.1x Port configuration

The 802.1x port commands allow you to configure parameters that affect the selected port in the switch. These settings override the global 802.1x parameters.

The following table describes the 802.1x Port Configuration commands. Table 103 802.1x Port Configuration commands

Command	Description

dot1x mode {[force-unauthorized	Sets the type of access control for the port:
autoforce-authorized]}	• force-unauth—the port is unauthorized unconditionally.
	• force-unauth—the port is unauthorized unconditionally.
	• auto—the port is unauthorized until it is successfully authorized
	by the RADIUS server.
	• force-auth—the port is authorized unconditionally, allowing
	all traffic.
	The default value is force-auth.
	Command mode: Interface port

dot1x quiet-time {<0-65535>}	Sets the time, in seconds, the authenticator waits before transmitting
	an EAP-Request/Identity frame to the supplicant (client) after an
	authentication failure in the previous round of authentication. The
	default value is 60 seconds.
	Command mode: Interface port

dot1x transmit-interval	Sets the time, in seconds, the authenticator waits for an EAP-
{<1-65535>}	Response/Identity frame from the supplicant (client) before
	retransmitting an EAP-Request/Identity frame. The default value is
	30 seconds.
	Command mode: Interface port

dot1x supplicant-timeout	Sets the time, in seconds, the authenticator waits for an EAP-
{<1-65535>}	Response packet from the supplicant (client) before retransmitting
	the EAP-Request packet from the authentication server. The default
	value is 30 seconds.
	Command mode: Interface port

dot1x server-timeout {<1-65535>}	Sets the time, in seconds, the authenticator waits for a response
	from the RADIUS server before declaring an authentication timeout.
	The default value is 30 seconds.
	Command mode: Interface port

dot1x max-request {<1-10>}	Sets the maximum number of times the authenticator retransmits an
	EAP-Request packet to the supplicant (client). The default value is 2.
	Command mode: Interface port

128

Image 128

HP 445942-001 manual 802.1x Port configuration

Contents

HP 10Gb Ethernet BL-c Switch Legal notices Contents Statistics Commands Configuration Commands 802.1x Port configuration 128 Operations Commands Index Additional references Connecting to the switchIntroduction Parameter Value Setting an IP addressEstablishing a console connection Establishing an SSH connection Telnet 10GbE switch IP addressEstablishing a Telnet connection Accessing the switch # ssh user@10GbE switch IP address Idle timeout User account Description and tasks performed Ping IP address Typeface or symbol MeaningTypographical conventions Accessing the Iscli Iscli Command ModesMain# boot/mode iscli Switchconfig# boot cli-mode aos Command Mode/Prompt Command used to enter or exit Global commands CommandTraceroute host nameIP address max-hops msec delay Action Command line interface shortcuts Command abbreviationSwitchconfig# spanning-tree stp 1 bridge hello Switchconfig# sp stp 1 br h Command Usage System Information commands Show access userShow information-dump Show snmp-server SNMPv3 Information commands Command mode All SNMPv3 USM User Table informationSNMPv3 View Table information Field Description SNMPv3 Access Table information Show snmp-server v3 access Command mode AllFieldDescription View Name Show snmp-server v3 group Command mode All Show snmp-server v3 community Command mode AllSNMPv3 Group Table information SNMPv3 Community Table information Show snmp-server v3 target-address Command mode All Show snmp-server v3 target-parameters Command mode AllSNMPv3 Target Address Table information SNMPv3 Target Parameters Table information SNMPv3 Notify Table information Show snmp-server v3 notifySec Level NameTag V1v2trapv1v2trap Show snmp-server v3 Command mode All SNMPv3 dump System information Show sys-info Show logging messages Command mode All Show recent syslog messages Show access user User Oper Admin Current User ID TableSystem user information FieldUsage Layer 2 information FDB information commands Mac-addressXxxxxxxxxxxx . For example Number Clearing entries from the forwarding database Link Aggregation Control Protocol informationShow all FDB information Show lacp information Command mode All Lacp dump Show dot1x information Command mode All 802.1x informationForce-unauth Auto Authenticator PAE State ConnectingAuthenticating Authenticated Show spanning-tree stp 1-128 information Command mode All Spanning Tree informationShow spanning-tree stp 1-128 bridge Show spanning-tree 1-128 information ParameterDescription Current Root Path-Cost Port Priority bridge HelloMaxAge FwdDel Aging Priority port Cost Desg 8018 Rapid Spanning Tree and Multiple Spanning Tree informationDesg 8017 P2P2,Edge Parameter Common Internal Spanning Tree information Show spanning-tree mstp cist information Parameter Description Cist Root Trunk group 1, Enabled Port state STG 1 forwarding Trunk group informationShow portchannel information Designated Bridge Designated Port Hello Type Show vlan Vlan informationShow vlan Layer 3 information Show ip route Route informationShow all IP Route information Indirect Gateway address Direct LocalBroadcast Martian ARP information Show all ARP entry informationShow ip arp Flag Description Show ip arp reply Ospf informationARP address list information Ospf general information Ospf interface information Link-state-id A.B.C.D self Ospf Database informationAdvertising-router router ID Ospf route codes information Show ip ospf routesShow ip ospf database summary Linkstate-id A.B.C.D self RIP user configuration Show interface ip 1-250 rip Command mode AllRouting Information Protocol RIP Routes information Show layer3 information Command mode All IP information Igmp multicast group information Igmp group informationShow ip igmp groups Show Igmp Groups detail Show ip igmp mrouter information CommandUsageIgmp multicast router information Vrrp information Show ip vrrp information 802.1p information Show qos transmit-queue information Show access-control Command mode All ACL information Show rmon history Command mode All Rmon InformationRmon history information Show rmon Rmon alarm information Show rmon alarm Command mode All Rmon event information REvtIdx FEvtIdx Last value Link status information Show interface link Port information Port Tag Rmon Pvid Show geaport Command mode All Show sfp Command mode AllLogical Port to GEA Port mapping Fiber Port SFP status Uplink Failure Detection information Information dumpShow ufd Show information-dump Show layer3 counters Show snmp-server countersShow ntp counters Clear ntp Port Statistics Statistics Description 802.1x statisticsShow interface port port number dot1x counters Connecting to AUTHENTICATING, as a result of an Show interface port port number bridging-counters Bridging statisticsStatisticsDescription Dot3StatsAlignmentErrors Ethernet statisticsShow interface port port number ethernet-counters Dot1TpLearnedEntryDiscards Dot3StatsFCSErrors Dot3StatsInternalMacTransmitErrorsDot3StatsCarrierSenseErrors object Dot3StatsSingleCollisionFrames Interface statistics MulticastPkts-IfHCIn Discards-IfHCIn Errors-IfHCIn Octets-IfHCOut UcastPkts-IfHCOutStatistics Internet Protocol IP statistics Link statisticsShow interface port port number ip-counters Show interface port port number link-counters Layer 2 statistics FDB statisticsShow mac-address-table counters Statistic Description Lacp statistics Show interface port port number lacp counters Layer 3 statistics IP statistics Show ip countersShow ip rip counters Clear ip rip counters Show ip route counters Command mode All except User Exec Route statistics ARP statistics DNS statisticsShow ip arp counters Show ip dns counters Show ip icmp counters Command mode All except User Exec Icmp statistics TCP statistics Show ip tcp counters Statistics Commands TCP statistics Show ip igmp counters Command mode All except User Exec UDP statisticsIgmp Multicast Group statistics Show ip udp counters Ospf statistics Ospf global statistics Rx ls Updates Tx ls UpdatesTx Database Rx ls Requests Timers Kickoff Hello Nbr change Show ip vrrp counters Command mode All except User Exec Vrrp statistics RIP statistics GEA Layer 3 statisticsShow ip rip counters Show ip gea Management Processor statistics Packet statisticsShow mp packet Show mp tcp-block Show mp udp-block Show mp cpu Show mp tcp-block Description Example statistic Show access-control counters CPU statisticsACL statistics Show mp udp-block Show snmp-server counters Command mode All except User Exec SnmpInASNParseErrs SnmpEnableAuthTrapsSnmp statistics SnmpInBadCtyNames SnmpInBadCtyUses Statistics Commands Snmp statistics NTP statistics Total number of GetRequest-PDUs , GetNextRequest-PDUs Uplink Failure Detection statistics Show ufd counters Statistics dump Show counters Saving the configuration Viewing and saving changes System configuration Characters multi-line ’-‘To end No banner 1-80 characters Address System host log configurationCommand Description No logging log feature CfgCli Console Secure Shell Server configuration Ssh port TCP port number Radius server configuration IP address key 1-32 characters TACACS+ server configuration Address key Characters Tacacs-server timeout UseroperadminTacacs-server enable No tacacs-server enable NTP server configuration System Snmp configuration Hostname 1-64 characters SNMPv3 configuration CommandDescription Snmp-server group User Security Model configuration SNMPv3 View configuration View-based Access Control Model configuration SNMPv3 Group configuration View 1-32 charactersUser-name 1-32 characters Group-name 1-32 characters SNMPv3 Community Table configuration SNMPv3 Target Address Table configurationIndex 1-32 characters Name 1-32 characters SNMPv3 Target Parameters Table configuration AuthPriv SNMPv3 Notify Table configuration System Access configuration Management Networks configurationAddress IP mask IP address IP mask User Access Control configuration User ID configurationAccess user 1-10 level Useroperatoradministrator Access user 1-10password Access user 1-10enableNo access user 1-10enable No access user Https Access configuration Access https save- certificate Show access Port configuration PvidName 1-64 characters 262143 Port link configuration Temporarily disabling a port ACL Port configuration No access-control listNo flowcontrol No auto Vlan Layer 2 configuration802.1x configuration 604800 802.1x Global configuration65535 802.1x Port configuration Dot1x apply-global Show interface port18-21 dot1x No spanning-tree mstp name Spanning-tree mode Spanning-tree mstp maximum-hopMstrstppvst Show spanning-tree mstp mrst Common Internal Spanning Tree configuration Cist bridge configurationSpanning-tree mstp cist Bridge priority Cist port configuration Bridge forward-delayInterface-priority Spanning-tree mstp cist path Spanning-tree mst cist enable EnableSpanning-tree mstp cist hello Spanning-tree mstp cist link Spanning Tree configuration 4094 Bridge Bridge Spanning Tree configurationBridge hello-time Spanning Tree port configuration Link autop2pshared Forwarding Database configuration Static FDB configuration128 MAC address vlan Vlan Trunk configuration Port number Layer 2 IP Trunk Hash configuration Port number lacp Link Aggregation Control Protocol configurationLacp Port configuration Vlan configuration StgMember port number No member port number Layer 3 configuration IP interface configurationIp address IP address IP Netmask 254 Default Gateway configurationAddress IP address IP Static Route configuration Address Resolution Protocol configurationIp route IP subnet IP netmask IP nexthop IP interface Show ip arp static Static ARP configurationClear ip arp-cache IP netmask IP Forwarding configurationNetwork Filter configuration Route Map configuration IP Access List configuration Routing Information Protocol configuration RIP Interface configuration Password RIP Route Redistribution configuration Open Shortest Path First configuration As-value Osfp Area Index configuration Ospf Summary Range configuration IP address IP netmask Ospf Interface configuration Ospf Virtual Link configuration Key key string Ospf Host Entry configuration Ospf Route Redistribution configuration Igmp Snooping configuration Igmp configurationOspf MD5 Key configuration IGMPv3 Snooping configuration No ip igmp snoop igmpv3 exclude Ip igmp snoop igmpv3 enableNo ip igmp snoop igmpv3 enable Igmp static multicast router configuration Igmp filtering configurationNumber 1-4094 Trunk number 1-12LACP Igmp filtering port configuration Igmp filter definition Domain Name System configuration Bootstrap Protocol Relay configuration Virtual Router Redundancy Protocol configuration Show ip vrrp Vrrp Virtual Router configuration Vrrp Virtual Router Priority Tracking configuration No virtual-router 1-250 preemptionShow ip vrrp virtual-router No virtual-router 1-250 track virtual-routers Vrrp Virtual Router Group configuration 250 Vrrp Virtual Router Group Priority Tracking configuration Vrrp Interface configuration Vrrp Tracking configuration Configuration Commands 169 Quality of Service configuration QoS 802.1p configurationQueue 0-10-7 weight Priority Access Control configuration Access Control List configurationACL Ethernet Filter configuration 384 ACL IP Version 4 Filter configuration IP mask Udp flags value 0x0-0x3f ACL TCP/UDP Filter configurationPort mask ACL Packet Format configuration ACL Metering configuration1000-10000000 32-4096 ACL Re-mark configuration ACL Re-mark In-Profile configurationRe-mark Re-mark in-profile dscp Re-Mark Update User Priority configuration ACL Re-mark Out-of-Profile configurationRe-mark in-profile dot1p Re-mark in-profile use-tos No access-control group 1-384 list ACL Group configurationAccess-control group 1-384 list Remote Monitoring configuration Rmon history configuration Rmon event configuration Rmon alarm configuration Oid 1-127 charactersLimit -2147483647 to 2147483647 Port mirroring Characte rs Uplink Failure Detection configuration Port-based port mirroringPort number mirroring-port Port number inoutboth Failure Detection Pair configuration Link to Monitor configurationUfd fdp ltm adminkey No ufd fdp ltm adminkey Switchconfig# show running-config Configuration DumpLink to Disable configuration Saving the active switch configuration Restoring the active switch configurationSwitchconfig# copy running-config startup-config Switchconfig# copy tftpftp running-config Operations-level port options Number shutdown Interface port port number dot1x re- authenticate Router vrrp backupOperations-level Vrrp options Operations-level port 802.1x options Updating the switch software image Downloading new software to the switch Enter password for username on FTP server password Port type data-port/mgt-port port typeAddress or name of remote host server name or IP address Source file name filename Uploading a software image from the switch Routerconfig# boot image image1image2Selecting a software image to run Destination file name filename Selecting a configuration block Resetting the switchAccessing the AOS CLI Boot cli-mode prompt System maintenance Debug debug-flags Forwarding Database maintenance Debugging optionsAddress MAC address 4095 ARP cache maintenance Igmp Snooping maintenance Show flash-dump-uuencode Igmp Mrouter maintenanceUuencode flash dump FTP/TFTP system dump put Clearing dump information Unscheduled system dumps Panic commandConfirm dump and reboot y/n y Index 199