< Home

dot1x dhcp-trigger

Function

The dot1x dhcp-trigger command enables DHCP-triggered 802.1X authentication.

The undo dot1x dhcp-trigger command disables DHCP-triggered 802.1X authentication.

By default, DHCP-triggered 802.1X authentication is disabled.

Format

dot1x dhcp-trigger

undo dot1x dhcp-trigger

Parameters

None

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After DHCP-triggered 802.1X authentication is enabled using the dot1x dhcp-trigger command, the device sends an 802.1X authentication-start packet to the user when receiving a DHCP Request message from the user. When the user receives the 802.1X authentication-start packet from the device, the 802.1X authentication page is displayed on the client device and prompts the user to enter the user name and password for authentication. During 802.1X network deployment, DHCP-triggered 802.1X authentication enables 802.1X users to start 802.1X authentication without dial-up using the client software, which facilitates network deployment.

After receiving the request packet from an 802.1X user, the device starts authenticating the user. If the user is authenticated, the device allocates an IP address to the user through a DHCP server; if the user fails the authentication, the user cannot obtain a dynamic IP address from the DHCP server.

Prerequisites

802.1X authentication has been enabled globally and on an interface using the dot1x enable command.

Precautions

The dot1x dhcp-trigger command can be used only when the client supports DHCP and 802.1X authentication.

Example

# Enable DHCP-triggered 802.1X authentication.

<HUAWEI> system-view
[HUAWEI] dot1x dhcp-trigger
Parent Topic: NAC Configuration Commands (Common Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >