Config authentication login set, Config dot1x login | NETGEAR L3

7000 Series L3 Managed Switch Reference Manual for Software v2.0

config authentication login set

This command sets an ordered list of methods in the authentication login list. The maximum number of authentication login methods is three. The possible method values are local, radius, and reject.

The value of local indicates that the user’s locally stored ID and password are used for authentication. The value of radius indicates that the user’s ID and password will be authenticated using the RADIUS server. The value of reject indicates that the user is never authenticated.

To authenticate a user, the authentication methods in the user’s login will be attempted in order until an authentication attempt succeeds or fails.

Note: The default login list included with the default configuration can not be changed.

Default	None
Format	config authentication login set <listname>
	<local/radius/reject> [local/radius/reject]
	[local/radius/reject]

config dot1x defaultlogin

This command assigns the authentication login list to use for nonconfigured users for 802.1x port security. This setting is overridden by the authentication login list assigned to a specific user if the user is configured locally. If this value is not configured, users will be authenticated using local authentication only.

Format

config dot1x defaultlogin <listname>

config dot1x login

This command assigns the specified authentication login list to the specified user for port security. The <user> must be a configured <user> and the <listname> must be a configured login list.

Format

config dot1x login <user> <listname>

config dot1x port users add

This command adds the specified user to the list of users with access to the specified port. The <user> must be a configured <user> and the <port> must be a valid port. By default, a user is given access to all ports.

Switching Commands

7-77

Image 131

NETGEAR L3 Config authentication login set, Config dot1x defaultlogin, Config dot1x login, Config dot1x port users add

Contents

Series L3 Managed Switch Reference Manual for Software Technical Support Canadian Department of Communications Compliance Statement Page Contents Chapter Quick Startup Page Viii Contents Page Page Security Commands System Utilities Chapter Routing Commands Xiv Contents Contents Chapter CLI Commands Differentiated Services Contents Xvii Chapter ACL Commands Appendix a Cabling Guidelines Index Organization of This Manual About this Manual Special Message Formats Typographical Conventions Html version of this manual How to Navigate this Manual How to Print this Manual Chapter Switch Management Overview Comparing Switch Management Methods Setting Up Your Switch Using Direct Console Access Administration Console Telnet Interface Connection Description Connection Settings Introduction to the Command Menu Interface ESC Chapter Web-Based Management Interface GSM73xx IP address in browser address bar How to Log In to the GSM73xx Web-Based Management Utility Introduction User name/password dialog box GSM7312 System information Interactive Switch Image Menus GSM7324 Interactive switch image System-Wide Popup Menus Switch popup menus Port-Specific Popup Menus 10 Switch popup menus Series L3 Managed Switch Reference Manual for Software Config lag deleteport is the command name CLI Command FormatConfig network parms is the command name Example 2 config syslocation location CLI Command Conventions CLI Command Values MacAddr CLI Annotations Series L3 Managed Switch Reference Manual for Software Software Version Information Quick Starting the Switch User Account Management Physical Port Data IP Address Config users passwd user Switch Image on Uploading from Switch to Out-of-Band PC Only Xmodem Traplog trap log Downloading from Out-of-Band PC to Switch Only Xmodem Downloading from Tftp Server Factory Defaults Port Routing, RIP, and Ospf Configuration Basic Configuration Examples RIP and Ospf Vlan Routing 11. Ospf Configuration Example Series L3 Managed Switch Reference Manual for Software This example creates two router ports to run Ospf Creating the VLANs Vlan Example Solution Show inventory System Information and Statistics CommandsText used to identify the product name of this switch Show inventory Show sysinfo Config sysnameConfig syslocation Show sysinfo Show forwardingdb table Config syscontactShow arp switch Show arp switch Packets Received 64 Octets The total number of packets Show stats port detailedShow stats port detailed slot.port Series L3 Managed Switch Reference Manual for Software Packets Received with Series L3 Managed Switch Reference Manual for Software Broadcast Packets Transmitted The total number of packets Packets Transmitted 256-511 Octets The total numberPackets Transmitted 512-1023 Octets The total number Multicast Packets Transmitted The total number of packets 802.3x Pause Frames Received a count of MAC Control Show stats port summary slot.port Show stats port summary Show stats switch detailed Show stats switch detailed Series L3 Managed Switch Reference Manual for Software Line number of the event Show stats switch summaryShow eventlog File in which the event originated Event code Show msglogShow traplog Task ID of the event Show network Management CommandsConfig network parms Config network protocol Show serial Config network webmodeConfig network javamode Config prompt 9600 Config serial baudrateConfig serial timeout Config snmpcommunity accessmode Config snmpcommunity ipmask Config snmpcommunity createConfig snmpcommunity delete Config snmpcommunity ipaddr Show snmptrap Config snmpcommunity modeConfig snmptrap create Show trapflags Config snmptrap deleteConfig snmptrap ipaddr Config snmptrap mode Config trapflags linkmode Config trapflags authenticationConfig trapflags bcaststorm Show telnet Config trapflags multiusersConfig trapflags stpmode Config telnet maxsessions Show forwardingdb agetime fdbidall Config telnet modeConfig telnet timeout Show forwardingdb agetime Config switchconfig broadcast Device Configuration CommandsConfig forwardingdb agetime Show switchconfig Able Config switchconfig flowcontrol Show port Config port adminmode Config port autoneg Config port linktrapConfig port physicalmode Config port lacpmode Show lag logical slot.portall Config lag createConfig lag addport Show lag Config lag name Config lag deleteportConfig lag adminmode Config lag linktrap Show vlan summary Config lag deletelagConfig lag stpmode Show vlan summary Show vlan detailed Config vlan detailed vlan id, where the ID is a Config vlan makestatic Config vlan createConfig vlan delete Config vlan name Show vlan port Config vlan participationConfig vlan port tagging Admit All Config vlan port pvidConfig vlan port acceptframe Config vlan port acceptframe allvlan Config vlan port ingressfilterConfig protocol create Config protocol delete Config protocol vlan remove Config protocol protocol addConfig protocol protocol remove Config protocol vlan add Show garp interface Config protocol interface addConfig protocol interface remove Show garp info Specifies the interval between the transmission of Garp PDUs Config garp gvrp interfacemode Config garp gmrp adminmodeConfig garp gmrp interfacemode Config garp gvrp adminmode Config garp leavealltimer Config garp jointimerConfig garp leavetimer Show igmpsnooping Config igmpsnooping adminmode Config igmpsnooping interface mode Config igmpsnooping groupmembershipintervalConfig igmpsnooping maxresponse Config igmpsnooping mcrtrexpiretime Show mfdb gmrp Show mfdb table Show mfdb staticfiltering Show mfdb igmpsnooping Show mirroring Config mirroring createShow mfdb stats Show mirroring Show macfilter Config mirroring deleteConfig mirroring mode Config macfilter addsrc Config macfilter createConfig macfilter remove Config macfilter deldest Config macfilter delsrcConfig macfilter adddest Show spanningtree summary Spanning Tree Commands Config spanningtree configuration name Config spanningtree adminmodeConfig spanningtree forceversion Show spanningtree port Config spanningtree configuration revisionConfig spanningtree port bpdumigrationcheck Show spanningtree bridge Config spanningtree port modeConfig spanningtree bridge maxage Config spanningtree bridge hellotime Show spanningtree cst detailed Config spanningtree bridge forwarddelayConfig spanningtree bridge priority Show spanningtree cst port detailed Show spanningtree cst port summary 128 Config spanningtree cst port pathcostConfig spanningtree cst port priority Auto Config spanningtree mst vlan add Config spanningtree cst port edgeportConfig spanningtree mst create Config spanningtree mst delete Config spanningtree mst port priority Config spanningtree mst vlan removeConfig spanningtree mst priority Config spanningtree mst port pathcost Instance List of multiple spanning trees IDs currently configuredShow spanningtree mst summary Show spanningtree mst detailed Show spanningtree mst port detailed Show spanningtree mst port summary Show spanningtree vlan vlan User Account Management CommandsShow spanningtree vlan Show users Config users snmpv3 authentication Config users addConfig users passwd Config users delete Show loginsession Config users snmpv3 encryptionConfig users snmpv3 accessmode Config radius timeout Security CommandsConfig loginsession close Config radius maxretransmit Config radius accounting server port Config radius accounting modeConfig radius accounting server add Config radius server port Config radius accounting server removeConfig radius accounting server secret Config radius server add Config radius server msgauth Config radius server removeConfig radius server secret Config radius server primary Show radius server stats Secret ConfiguredShow radius summary Show radius server summary Show radius accounting summary Configured IP address of the accounting server Yes or No Show radius accounting statsPort in use by the accounting server Show radius stats Config dot1x adminmodeConfig dot1x port initialize Config dot1x port reauthenticate Config dot1x port quietperiod Config dot1x port controldirConfig dot1x port controlmode Config dot1x port maxrequests Config dot1x port transmitperiodConfig dot1x port supptimeout Config dot1x port servertimeout Show dot1x port summary Config dot1x port reauthenabledSible values are Enabled and Disabled Show dot1x summary Interface whose configuration is displayed Show dot1x port stats Clear dot1x port stats Config authentication login createConfig authentication login delete Config dot1x port users add Config authentication login setConfig dot1x defaultlogin Config dot1x login Show authentication login info Config dot1x port users removeConfig users defaultlogin Config users login Show dot1x port users Show authentication login usersShow users authentication System Utilities Transfer upload serverip Save configTransfer upload mode Logout Transfer upload datatype Transfer upload filename Transfer download path Transfer download modeTransfer upload start Transfer download serverip Clear transfer Transfer download filenameTransfer download datatype Transfer download start Clear vlan Clear configClear pass Clear traplog Ping Clear stats switchReset system Clear igmpsnooping Series L3 Managed Switch Reference Manual for Software Show arp table Routing CommandsShow arp table Config arp delete Config arp agetimeConfig arp cachesize Config arp create Show ip interface slot.port Config arp retriesShow ip interface Are Ethernet or Snap Config interface encapsConfig interface routing Config ip interface mtu Enable Config ip interface netdirbcastConfig ip interface create Config ip interface delete Show ip vlan Config ip forwardingConfig routing Show ip stats Show router ip interface summary Config ip vlan routing createConfig ip vlan routing delete Show router ip interface summary Show router ospf info Config router idConfig router id routerid Show router ospf info Config router ospf preference Config trapflags ospfConfig router ospf adminmode Config router ospf asbr Show router ospf interface stats Show router ospf interface summary Config router ospf interface interval dead Config router ospf interface areaidConfig router ospf interface authtypekey Config router ospf interface mode Config router ospf interface interval helloConfig router ospf interface interval retransmit Config router ospf interface iftransitdelay Which is the highest router priority Config router ospf interface priorityConfig router ospf interface cost Show router ospf area info Show router ospf area range Config router ospf area range create Config router ospf area stub summarylsa Config router ospf area range deleteConfig router ospf area stub metric value Config router ospf area stub metric type Show router ospf neighbor detailed Config router ospf area stub createConfig router ospf area stub delete Config router ospf area delete Show router ospf neighbor table Show router ospf lsdb summary Show router ospf stub tableShow router ospf lsdb summary Show router ospf stub table Show router rip interface detailed Show router rip infoShow router rip interface detailed Show router rip info Show router rip interface summary Config router rip adminmodeShow router rip interface summary Default password key is an empty string. Unauthenticated Config router rip preferenceConfig router rip interface authtypekey Config router rip interface defaultmetric Both Config router rip interface modeConfig router rip interface version receive Config router rip interface version send Is the neighbor interface of the Ospf virtual interface Config router ospf virtif createShow router ospf virtif detailed Show router ospf virtif summary Config router ospf virtif interval dead Config router ospf virtif deleteConfig router ospf virtif authtypekey Config router ospf virtif transdelay Config router ospf extlsdblimit Config router ospf virtif interval helloConfig router ospf virtif interval retransmit Config router ospf exoverflowinterval Show router route table Show router route tableShow router route bestroutes Show router route entry Show router route preferences Config router route create Config router route default delete Config router route deleteConfig router route preference Config router route default create Show router vrrp interface summary Config router vrrp adminmodeShow router vrrp interface detailed Represents the router ID of the virtual router Is the IP Address that was configured on the virtual routerRepresents the state Master/backup of the virtual router Show router vrrp interface stats There is no default value for vrID Config router vrrp interface adminmodeConfig router vrrp interface routerID Config router vrrp interface priority Config router vrrp interface authdetails Config router vrrp interface ipaddressConfig router vrrp interface preemptmode Config router vrrp interface advinterval Config router rtrdiscovery mininterval Config router vrrp removedetailsConfig router rtrdiscovery adminmode Config router rtrdiscovery maxinterval Show router rtrdiscovery Config router rtrdiscovery lifetimeConfig router rtrdiscovery address Config router rtrdiscovery preference Config router bootpdhcprelay adminmode Show router bootpdhcprelayConfig router bootpdhcprelay circuitidoptionmode Config router bootpdhcprelay serverip Config router bootpdhcprelay maxhopcountConfig router bootpdhcprelay minwaittime Series L3 Managed Switch Reference Manual for Software CLI Commands Differentiated Services Config diffserv adminmode General Commands Config diffserv class create acl Class Commands Config diffserv class delete Config diffserv class create allConfig diffserv class create any None Config diffserv class renameConfig diffserv class match cos Config diffserv class match dstip Config diffserv class match dstl4port number Config diffserv class match dstl4port keyword Config diffserv class match every Config diffserv class match dstl4port rangeConfig diffserv class match dstmac Config diffserv class match ipprecedence Config diffserv class match ipdscp Config diffserv class match iptos Config diffserv class match protocol number Config diffserv class match protocol keyword Config diffserv class match srcip Config diffserv class match refclass Config diffserv class match srcl4port number Config diffserv class match srcl4port keyword Config diffserv class match vlan Config diffserv class match srcl4port rangeConfig diffserv class match srcmac Config diffserv policy create Policy Commands Config diffserv policy class remove Config diffserv policy deleteConfig diffserv policy rename Config diffserv policy class add Config diffserv policy bandwidth percent Config diffserv policy bandwidth kbps Bandwidth all forms, Shape Peak Config diffserv policy expedite kbps Out Config diffserv policy expedite percentConfig diffserv policy mark cos Mark IP Precedence, Police all forms Config diffserv policy mark ipdscpConfig diffserv policy mark ipprecedence Config diffserv policy police action conform drop Config diffserv policy police action conform send Config diffserv policy police action conform markdscpConfig diffserv policy police action conform markprec Config diffserv policy police action exceed markdscp Config diffserv policy police action exceed drop Config diffserv policy police action nonconform drop Config diffserv policy police action exceed markprecConfig diffserv policy police action exceed send Config diffserv policy police action nonconform send Config diffserv policy police action nonconform markdscpConfig diffserv policy police action nonconform markprec Mark IP DSCP, Mark IP Precedence Config diffserv policy police style simpleConfig diffserv policy police style singlerate Allowed for a given class instance in a particular policy Config diffserv policy police style tworate Config diffserv policy shape average Config diffserv policy randomdrop Applied Service CommandsConfig diffserv policy shape peak Neither of the shaping rate parameters is allowed to exceed Particular direction at any one time Config diffserv service addConfig diffserv service remove Show diffserv class detailed Show Commands Show diffserv info Show diffserv class summary Policy type, namely whether it is an inbound or outbound Current number of entries rows in the Service TableShow diffserv policy detailed Name of this policy Denotes the mark/re-mark value used as the Dscp for traffic Show diffserv policy summary Show diffserv service info summary Show diffserv service info detailed Direction Show diffserv service stats detailedSlot number and port number of the interface slot.port Name of this class instance Show diffserv service stats summary Series L3 Managed Switch Reference Manual for Software Show acl detailed Show acl summary Config acl rule create Config CommandsConfig acl create Config acl delete Config acl rule match dstl4port keyword Config acl rule deleteConfig acl rule action Config acl rule match dstip Config acl rule match ipdscp Config acl rule match dstl4port rangeConfig acl rule match every Config acl rule match iptos Config acl rule match ipprecedence Config acl rule match srcip Config acl rule match protocol keywordConfig acl rule match protocol number Config acl interface add Config acl rule match srcl4port keywordConfig acl rule match srcl4port range Config acl interface remove Fast Ethernet Cable Guidelines Appendix a Cabling Guidelines Category 5 Cable Category 5 Cable Specifications Twisted Pair Cables Specifications Category 5 Cable Requirements Figure A-2illustrates crossover twisted pair cable Patch Panels and Cables Cabling Using 1000BASE-T Gigabit Ethernet over Category 5 Cable Patch Cables RJ-45 Plug and RJ-45 ConnectorsNear End Cross Talk Next PIN Normal Assignment on Uplink Assignment on Ports 1 to Conclusion Appendix B 802.1x Port-Based Authentication Overview Figure B-1 802.1x authentication Series L3 Managed Switch Reference Manual for Software Series L3 Managed Switch Reference Manual for Software Numeric Appendix C Glossary See Area Border Router on See Application Programming Interface on See Bridge Protocol Data Unit on Packet sent to all devices on a network See Command Line Interface on See Device Application Programming Interface on See Distance-Vector Multicast Routing Protocol. on Computer, printer, or server that is connected to a network See Generic Attribute Registration Protocol. on See Garp Information Propagation on See Internet Group Management Protocol on See Joint Test Action Group on MAC Megabits per second See Multiplexing on See Network Address Translation on See Operating System Application Programming Interface on See Protocol Independent Multicast Dense Mode on See Quality of Service on See Routing Information Protocol on Model of Serial Management Controller from Motorola Static Random Access Memory See TLS on An abbreviation that represents Unit, Slot, Port Models Series L3 Managed Switch Reference Manual for Software Series L3 Managed Switch Reference Manual for Software Index Index Gvrp Index Index STP Xmodem