The dot1x mac-bypass command enables MAC bypass authentication on an interface.
The undo dot1x mac-bypass command restores the default configuration.
By default, MAC bypass authentication is disabled on an interface.
| Parameter | Description | Value |
|---|---|---|
| delay delay-time |
Specifies a timeout period for the authenticator to wait for a response from the supplicant. If no response is received from the supplicant before the timeout period expires, the authenticator determines that the supplicant does not support 802.1X authentication and performs MAC bypass authentication for the supplicant. |
The value is an integer ranging from 1 to 300. The default value is 30s. |
Usage Scenario
If a user terminal connected to an interface does not support 802.1X authentication, run the dot1x mac-bypass command to enable MAC bypass authentication on the interface so that MAC address-based authentication is performed for the user terminal. This improves network security.
Prerequisites
The mode of the interface has been changed to Layer 2 using the portswitch command and 802.1X authentication has been enabled on the interface.
Precautions
In VS mode, this command is supported only by the admin VS.
<HUAWEI> system-view [~HUAWEI] interface GigabitEthernet 0/1/1 [*HUAWEI-GigabitEthernet0/1/1] portswitch [*HUAWEI-GigabitEthernet0/1/1] commit [~HUAWEI-GigabitEthernet0/1/1] dot1x enable [*HUAWEI-GigabitEthernet0/1/1] dot1x mac-bypass delay 50