< Home

dot1x mac-bypass access-port

Function

The dot1x mac-bypass access-port command enables MAC address bypass authentication on all downlink interfaces of the device.

The undo dot1x mac-bypass access-port command disables MAC address bypass authentication on all downlink interfaces of the device.

By default, MAC address bypass authentication is disabled on all downlink interfaces of the device.

Format

dot1x mac-bypass access-port all

undo dot1x mac-bypass access-port all

Parameters

None

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can enable MAC address bypass authentication for terminals (such as printers) on which the 802.1X client software cannot be installed or used.

After MAC address bypass authentication is enabled, the device performs 802.1X authentication on a user. Once 802.1X authentication fails, the device sends the user's MAC address as the user name and password to the authentication server.

MAC address bypass authentication involves 802.1X authentication. That is, the dot1x mac-bypass access-port all command also enables 802.1X authentication on the interfaces; the undo dot1x mac-bypass access-port all command also disables 802.1X authentication on the interfaces. If 802.1X authentication has been enabled on the interfaces, the authentication mode on the interfaces is changed to MAC address bypass authentication after you run the dot1x mac-bypass access-port all command.

Prerequisites

802.1X authentication has been enabled globally and on the interfaces using the dot1x enable command.

Example

# In the system view, enable MAC address bypass authentication on all downlink interfaces of the device.

<HUAWEI> system-view
[HUAWEI] dot1x mac-bypass access-port all
Parent Topic: NAC Configuration Commands (Common Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >