< Home

dot1x unicast-trigger

Function

The dot1x unicast-trigger command enables 802.1X authentication triggered by unicast packets.

The undo dot1x unicast-trigger command disables 802.1X authentication triggered by unicast packets.

By default, 802.1X authentication triggered by unicast packets is disabled.

Format

dot1x unicast-trigger

undo dot1x unicast-trigger

Parameters

None

Views

802.1X access profile view

Default Level

2: Configuration level

Usage Guidelines

After the dot1x unicast-trigger command is used on the device, the device sends a unicast packet to respond to the received ARP, DHCPv6, ND, or DHCP Request packet from a client. If the client does not respond within the timeout interval (set by the dot1x timer client-timeout client-timeout-value command), the device retransmits the unicast packet (the maximum of retransmission times is set by the dot1x retry max-retry-value command). This function allows users to use the 802.1X client provided by the operating system for authentication, helping quickly deploy an 802.1X network.

After receiving a packet that triggers 802.1X authentication from a client, the device sends a unicast packet to the client. For clients that cannot send packets to trigger 802.1X authentication, configure multicast packets to trigger 802.1X authentication.

Example

# In the 802.1X access profile d1, enable 802.1X authentication triggered by unicast packets.

<HUAWEI> system-view
[HUAWEI] dot1x-access-profile name d1
[HUAWEI-dot1x-access-profile-d1] dot1x unicast-trigger
Parent Topic: NAC Configuration Commands (Unified Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >