Command Line Interface Reference Guide | aaa |
|
|
■
■
■
■login
authenticator
■aaa
Usage: [no] aaa
[no] aaa
[control <authorizedautounauthorized>
initialize reauthenticate
Description: Configure 802.1X (Port Based Network Access) authentication on the device or the device's port(s).
The first form of the command activates or deactivates authentication on the device. By default, authentication is deactivated. 802.1X authentication does not run on the switch until you use this command to enable it.
The second form of the command enables, disables, or configures authentication on the device's individual ports.
While authentication is deactivated, access to the network is granted on all switch ports regardless of whether 802.1X is enabled on the port.
The 'no' keyword cannot be used with any of the optional parameters that follow
802.1X must be enabled on a port before any of the following optional parameters can be configured on the port.
o 'control' sets the authenticator to (Force) Authorized, (Force) Unauthorized or Auto state (default 'Auto').
-Auto: Grants network access to a connected device that supports 802.1X authentication and provides valid credentials.
-Authorized: Grants access to any devices connected to the port(s). In this case, the devices do not have to provide 802.1X credentials or support 802.1X authentication. (Also termed ''Force Authorized''.)
-Unauthorized: In this state, the port blocks access to any connected device, regardless of whether the device provides the correct credentials and has 802.1X support.
o
© 2009 | 28 |