dot1x port-method

Function

The dot1x port-method command configures an access control type for 802.1X authentication on an interface.

By default, MAC-based access control is used for 802.1X authentication.

Format

dot1x port-method { mac | port }

Parameters

Parameter Description Value
mac

Indicates MAC-based access control for 802.1X authentication.

-
port

Indicates interface-based access control for 802.1X authentication.

-

Views

GE optical interface view, GE electrical interface view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
bas-eap write

Usage Guidelines

Usage Scenario

  • For scattered users, MAC-based access control for 802.1X authentication is recommended: Every user accessing an interface must be authenticated. If a user goes offline, other 802.1X authenticated users can still access the network.
  • For group users, interface-based access control for 802.1X authentication is recommended: After a user is authenticated, subsequent users can pass the authentication or access the network without being authenticated. If all users who pass the authentication go offline, the other users who are not authenticated are denied access to the network. To configure an access control type for an 802.1X authentication-enabled interface, run the dot1x port-method command.

Prerequisites

802.1X authentication has been enabled on the interface using the dot1x enable command.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Configure interface-based access control for 802.1X authentication on GE 0/1/1.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 0/1/1
[*HUAWEI-GigabitEthernet0/1/1] dot1x enable
[*HUAWEI-GigabitEthernet0/1/1] dot1x port-method port
Parent Topic: 802.1X Authentication Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >