Configuring and Managing Ports and VLANs 77

You must specify a port list. Optionally, you also can specify a tag-list to subdivide the port into virtual ports, set the maximum number of simultaneous user sessions that can be active on the port, and change the fallthru authentication method.

By default, one user session can be active on the port at a time.

The fallthru authentication type is used if the user does not support 802.1X and is not authenticated by MAC authentication. The default is none, which means the user is automatically denied access if neither 802.1X authentication or MAC authentication is successful.

To set port 17 as a wired authentication port, type the following command:

23x0# set port type wired-auth 17

success: change accepted

This command configures port 17 as a wired authentication port supporting one interface and one simulta- neous user session.

Note. If clients are connected to a wired authentication port through a downstream third-party switch, the WSS switch attempts to authenticate based on any traffic coming from the switch, such as Spanning Tree Protocol (STP) BPDUs. In this case, disable repetitive traffic emissions such as STP BPDUs from downstream switches. If you want to provide a management path to a downstream switch, use MAC authentication.

Clearing a Port

Caution! When you clear a port, WSS Software ends user sessions that are using the port.

To change a port’s type from AP access point or wired authentication port, you must first clear the port, then set the port type.

Clearing a port removes all the port’s configuration settings and resets the port as a network port.

If the port is an AP access port, clearing the port disables PoE and 802.1X authentication.

If the port is a wired authenticated port, clearing the port disables 802.1X authentication.

If the port is a network port, the port must first be removed from all VLANs, which removes the port from all spanning trees, load-sharing port groups, and so on.

Note. A cleared port is not placed in any VLANs, not even the default VLAN (VLAN 1).

To clear a port, use the following command:

clear port type port-list

Nortel WLAN Security Switch 2300 Series Configuration Guide

Page 77
Image 77
Nortel Networks 2300 manual Clearing a Port, 23x0# set port type wired-auth, Clear port type port-list