The dot1x url command configures a redirect URL in 802.1X authentication.
The undo dot1x url command cancels the redirect URL configuration in 802.1X authentication.
By default, no redirect URL is configured in 802.1X authentication.
| Parameter | Description | Value |
|---|---|---|
url-string |
Specifies a redirect URL. |
The value is a string of 1 to 247 case-sensitive characters. |
Usage Scenario
In the early stage of network deployment, 802.1X client deployment is difficult and requires heavy workload. You can run the dot1x url command to set a redirect URL to the web page address for downloading the 802.1X client. When a user uses a browser to access resources that are not in the authentication-free IP subnet, the device redirects the URL that the user attempts to access to the 802.1X client download web URL after the device receives HTTP packets from the user. The user then can download and install the 802.1X client.
Follow-up Procedure
Run the dot1x free-ip command to configure the network segment where the redirect URL used in 802.1X authentication belongs or configure the IP address segment of the DNS server as an authentication-free IP subnet. To ensure that pre-connection users can be aged out normally, you need to run the dot1x timer free-ip-timeout command to set the aging time of authentication-free user entries.
Precautions
This command applies when users use the 802.1X client software that is not provided by the system.
The redirect URL must be within the authentication-free IP subnet. Otherwise, the URL will be inaccessible.
When 802.1X-based fast deployment is configured, the device supports redirection triggered only by HTTP packets with HTTP port 80.