Addendum to the User's Guide
Page 4
...Microsoft and Windows are trademarks of your computer. Information in this document to refer to either potential damage to hardware or loss of data and tells you make better use of Dell Computer Corporation. Other trademarks and trade names may be used in this document is ...or their products. Reproduction in any proprietary interest in this text: Dell, the DELL logo, and PowerConnect are registered trademarks of Dell Computer Corporation is subject to change without notice. © 2003 Dell Computer Corporation. A00 CAUTION: A CAUTION indicates a potential for ...
...Microsoft and Windows are trademarks of your computer. Information in this document to refer to either potential damage to hardware or loss of data and tells you make better use of Dell Computer Corporation. Other trademarks and trade names may be used in this document is ...or their products. Reproduction in any proprietary interest in this text: Dell, the DELL logo, and PowerConnect are registered trademarks of Dell Computer Corporation is subject to change without notice. © 2003 Dell Computer Corporation. A00 CAUTION: A CAUTION indicates a potential for ...
Addendum to the User's Guide
Page 7
... to the switch. The client provides its user ID and password. The information in the 802.1x implementation. IEEE 802.1x Port Authentication The IEEE 802.1x standard defines a port-based access control procedure that authorized users can be possible. NOTE: Currently only Remote Authentication Dial In User Service (RADIUS) servers and MD5 authentication are supported in this information back to update your Dell™ PowerConnect™ 5212 User's Guide.
... to the switch. The client provides its user ID and password. The information in the 802.1x implementation. IEEE 802.1x Port Authentication The IEEE 802.1x standard defines a port-based access control procedure that authorized users can be possible. NOTE: Currently only Remote Authentication Dial In User Service (RADIUS) servers and MD5 authentication are supported in this information back to update your Dell™ PowerConnect™ 5212 User's Guide.
Addendum to the User's Guide
Page 8
... and password on the RADIUS server, the client remains connected to one of the following editable fields: • Mode - The connected client is the port blocked. No - Force-Unauthorized - Sets the maximum number of a connected client. • Trunk - Sets the time period after the Max Req count has been exceeded before it times out the authentication session. (Range: 1-10; MAC address of times the switch port will be denied access. - Auto - Default...
... and password on the RADIUS server, the client remains connected to one of the following editable fields: • Mode - The connected client is the port blocked. No - Force-Unauthorized - Sets the maximum number of a connected client. • Trunk - Sets the time period after the Max Req count has been exceeded before it times out the authentication session. (Range: 1-10; MAC address of times the switch port will be denied access. - Auto - Default...
Addendum to the User's Guide
Page 9
... to save the changes, click Refresh. . If you make in this page, click Apply Changes. Use the no default radius form to restore the default. (Currently only RADIUS is supported.) dot1x default Sets all ports or a specific interface. dot1x port-control {auto | forceauthorized | forceunauthorized} Sets the 802.1x mode on the 802.1x Port Configuration page. Table 1-1. 802.1x Port Configuration CLI Commands Command Usage authentication dot1x Sets the default authentication server type. Documentation Update 7 CLI Commands Table 1-1 summarizes the equivalent CLI commands...
... to save the changes, click Refresh. . If you make in this page, click Apply Changes. Use the no default radius form to restore the default. (Currently only RADIUS is supported.) dot1x default Sets all ports or a specific interface. dot1x port-control {auto | forceauthorized | forceunauthorized} Sets the 802.1x mode on the 802.1x Port Configuration page. Table 1-1. 802.1x Port Configuration CLI Commands Command Usage authentication dot1x Sets the default authentication server type. Documentation Update 7 CLI Commands Table 1-1 summarizes the equivalent CLI commands...
Addendum to the User's Guide
Page 10
... PM www.dell.com | support.dell.com Table 1-1. 802.1x Port Configuration CLI Commands (continued) Command Usage dot1x max-req count Sets the maximum number of times the switch port will retransmit an EAP request packet to the client before retransmitting an EAP packet. Use the no form to show general port authentication related settings on the switch or a specific interface. Use the no form of the 802.1x CLI commands: Console(config)#authentication dot1x default radius Console(config)#interface ethernet 1/1 Console(config-if)#dot1x port-control auto Console(config-if)#dot1x...
... PM www.dell.com | support.dell.com Table 1-1. 802.1x Port Configuration CLI Commands (continued) Command Usage dot1x max-req count Sets the maximum number of times the switch port will retransmit an EAP request packet to the client before retransmitting an EAP packet. Use the no form to show general port authentication related settings on the switch or a specific interface. Use the no form of the 802.1x CLI commands: Console(config)#authentication dot1x default radius Console(config)#interface ethernet 1/1 Console(config-if)#dot1x port-control auto Console(config-if)#dot1x...
Addendum to the User's Guide
Page 11
... 1 disabled ForceAuthorized n/a 2 disabled ForceAuthorized yes 3 disabled ForceAuthorized n/a 4 disabled ForceAuthorized n/a 23 disabled ForceAuthorized n/a 24 disabled ForceAuthorized n/a 802.1X Port Details 802.1X is enabled on port 1/1 reauth-enabled: Disable reauth-period: 3600 quiet-period: 60 tx-period: 30 supplicant-timeout: 30 server-timeout: 30 reauth-max: 2 max-req: 2 Status Unauthorized Port-control Auto Supplicant 00-00-00-00-00-00 Authenticator State Machine State Initialize Reauth Count 0 Documentation Update 9
... 1 disabled ForceAuthorized n/a 2 disabled ForceAuthorized yes 3 disabled ForceAuthorized n/a 4 disabled ForceAuthorized n/a 23 disabled ForceAuthorized n/a 24 disabled ForceAuthorized n/a 802.1X Port Details 802.1X is enabled on port 1/1 reauth-enabled: Disable reauth-period: 3600 quiet-period: 60 tx-period: 30 supplicant-timeout: 30 server-timeout: 30 reauth-max: 2 max-req: 2 Status Unauthorized Port-control Auto Supplicant 00-00-00-00-00-00 Authenticator State Machine State Initialize Reauth Count 0 Documentation Update 9
Addendum to the User's Guide
Page 12
...EAP LenError - The number of EAPOL Start frames that have been received by this authenticator in which the Packet Body Length field is disabled on port 1/23 802.1X is invalid. 10 Documentation Update The number of EAPOL Logoff frames that have been ...dell.com | support.dell.com Backend State Machine State Idle Request Count 0 Identifier(Server) 0 Reauthentication State Machine State Initialize 802.1X is disabled on port 1/2 802.1X is disabled on port 1/3 802.1X is disabled on port 1/4 802.1X is disabled on port 1/24 Console# 802.1x Statistics Page You can use...
...EAP LenError - The number of EAPOL Start frames that have been received by this authenticator in which the Packet Body Length field is disabled on port 1/23 802.1X is invalid. 10 Documentation Update The number of EAPOL Logoff frames that have been ...dell.com | support.dell.com Backend State Machine State Idle Request Count 0 Identifier(Server) 0 Reauthentication State Machine State Initialize 802.1X is disabled on port 1/2 802.1X is disabled on port 1/3 802.1X is disabled on port 1/4 802.1X is disabled on port 1/24 Console# 802.1x Statistics Page You can use...
Addendum to the User's Guide
Page 13
.... • Tx EAP Req/Id - Documentation Update 11 The protocol version number carried in table format. The source MAC address carried in the most recently received EAPOL frame. • Rx Last EAPOLSrc - You can specify the port from the drop-down list and then click Query, or to update statistics for a specific port in the most recently received EAPOL frame. • Tx EAPOL Total...
.... • Tx EAP Req/Id - Documentation Update 11 The protocol version number carried in table format. The source MAC address carried in the most recently received EAPOL frame. • Rx Last EAPOLSrc - You can specify the port from the drop-down list and then click Query, or to update statistics for a specific port in the most recently received EAPOL frame. • Tx EAPOL Total...
Addendum to the User's Guide
Page 14
...Statistics CLI commands: Console#show general port authentication related settings on the switch or a specific interface. The RADIUS server uses standard RADIUS request and response packets to pass authentication information between a client (a user requesting access), a network access server (in this case, the switch), and an authentication server (RADIUS server). The following is passed in the 802.1x Statistics page. Table 1-2. 802.1x Statistics CLI Commands Command show dot1x [statistics] [interface interface] Usage Use this command to show dot1x statistics interface ethernet...
...Statistics CLI commands: Console#show general port authentication related settings on the switch or a specific interface. The RADIUS server uses standard RADIUS request and response packets to pass authentication information between a client (a user requesting access), a network access server (in this case, the switch), and an authentication server (RADIUS server). The following is passed in the 802.1x Statistics page. Table 1-2. 802.1x Statistics CLI Commands Command show dot1x [statistics] [interface interface] Usage Use this command to show dot1x statistics interface ethernet...
Addendum to the User's Guide
Page 15
... your RADIUS server documentation for users that needs to your RADIUS server documentation for IEEE 802.1x port authentication. This attribute (type number 6) returns the privilege level of users on configuring a user database and specific attributes. The switch requires a special user name to be specified to enable privileged exec access from normal exec access using the CLI command enable. Documentation Update 13 Select Administrative (value 6) for information on the switch. Then set the Service-Type attribute to the switch. Configure a user name...
... your RADIUS server documentation for users that needs to your RADIUS server documentation for IEEE 802.1x port authentication. This attribute (type number 6) returns the privilege level of users on configuring a user database and specific attributes. The switch requires a special user name to be specified to enable privileged exec access from normal exec access using the CLI command enable. Documentation Update 13 Select Administrative (value 6) for information on the switch. Then set the Service-Type attribute to the switch. Configure a user name...
Addendum to the User's Guide
Page 16
... using EAP. When an 802.1x client requests access to a switch port, the switch sends an access-request RADIUS packet to search external databases, such as the primary EAP authentication method. For 802.1x authentication, only the user name and password need to be configured locally on the RADIUS server or on configuring EAP authentication. 14 Documentation Update Most RADIUS server software provides a facility to the server that the RADIUS server can access...
... using EAP. When an 802.1x client requests access to a switch port, the switch sends an access-request RADIUS packet to search external databases, such as the primary EAP authentication method. For 802.1x authentication, only the user name and password need to be configured locally on the RADIUS server or on configuring EAP authentication. 14 Documentation Update Most RADIUS server software provides a facility to the server that the RADIUS server can access...
Addendum to the User's Guide
Page 18
Y1836bk0.book Page 16 Tuesday, July 15, 2003 12:55 PM Printed in Taiwan. 0Y1836A00 www.dell.com | support.dell.com
Y1836bk0.book Page 16 Tuesday, July 15, 2003 12:55 PM Printed in Taiwan. 0Y1836A00 www.dell.com | support.dell.com