User Manual

UMN:CLI

SURPASS hiD 6615 S223/S323 R1.5

 

 

 

 

 

4.5.1.4Authentication Port

After configuring 802.1x authentication mode, you should select the authentication port.

Command

Mode

Description

 

 

 

dot1x nas-port PORTS

Global

Designates 802.1x authentication port.

 

 

no dot1x nas-port PORTS

Disables 802.1x authentication port.

 

 

 

 

4.5.1.5Force Authorization

The hiD 6615 S223/S323 can allow the users to request the access regardless of the au- thentication from RADIUS server. For example, it is possible to configure not to be au- thenticated from the server even though a client is authenticated from the server.

To manage the approval for the designated port, use the following command.

Command

 

Mode

Description

 

 

 

dot1x port-control {auto force-

 

Configures the way of authorization to control port

authorized force-unauthorized}

 

 

whether it has the RADIUS authentication or not.

PORTS

 

Global

 

 

no dot1x port-control

PORTS

 

Deletes the configuration of the way of authorization to

 

control port.

 

 

 

 

 

 

 

auto: Follows the authentication of RADIUS server.

force-authorized:Gives the authorization to a client even though RADIUS server didn’t approve it.

force-unauthorized:Don’t give the authorization to a client even though RADIUS server authenticates it.

4.5.1.6Configuring Interval for Retransmitting Request/Identity Packet

In hiD 6615 S223/S323, it is possible to specify how long the device waits for a client to send back a response/identity packet after the device has sent a request/identity packet. If the client does not send back a response/identity packet during this time, the device re- transmits the request/identity packet.

To configure the number of seconds that the switch waits for a response to a re- quest/identity packet, use the following command.

Command

 

Mode

Description

 

 

 

 

dot1x timeout tx-period <1-

 

Sets reattempt interval for requesting request/identity

 

packet.

65535> PORTS

 

 

 

Global

1-65535: retransmit interval (default: 30)

 

 

 

 

 

 

no dot1x timeout

tx-period

 

Disables the interval for requesting identity.

PORTS

 

 

 

 

 

 

 

 

 

A50010-Y3-C150-2-7619

67

Page 67
Image 67
Siemens S223, S323 user manual Authentication Port, Force Authorization, Mode Description Dot1x port-control auto force