dot1x mac-bypass

Function

The dot1x mac-bypass command enables MAC bypass authentication on an interface.

The undo dot1x mac-bypass command restores the default configuration.

By default, MAC bypass authentication is disabled on an interface.

Format

dot1x mac-bypass [ delay delay-time ]

undo dot1x mac-bypass [ delay delay-time ]

Parameters

Parameter Description Value
delay delay-time

Specifies a timeout period for the authenticator to wait for a response from the supplicant. If no response is received from the supplicant before the timeout period expires, the authenticator determines that the supplicant does not support 802.1X authentication and performs MAC bypass authentication for the supplicant.

The value is an integer ranging from 1 to 300. The default value is 30s.

Views

GE optical interface view, GE electrical interface view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
dot1x write

Usage Guidelines

Usage Scenario

If a user terminal connected to an interface does not support 802.1X authentication, run the dot1x mac-bypass command to enable MAC bypass authentication on the interface so that MAC address-based authentication is performed for the user terminal. This improves network security.

Prerequisites

The mode of the interface has been changed to Layer 2 using the portswitch command and 802.1X authentication has been enabled on the interface.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Enable MAC bypass authentication on the interface GE0/1/1 and set the timeout period to 50s.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 0/1/1
[*HUAWEI-GigabitEthernet0/1/1] portswitch
[*HUAWEI-GigabitEthernet0/1/1] commit
[~HUAWEI-GigabitEthernet0/1/1] dot1x enable
[*HUAWEI-GigabitEthernet0/1/1] dot1x mac-bypass delay 50
Parent Topic: 802.1X Authentication Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >