Use the following procedure to configure EAPOL parameters globally for the switch.
|
|
Step | Action |
---|---|
|
|
1 |
From the navigation tree, double-click Security. |
2 |
In the Security tree, double-click 802.1X/EAP. |
3 |
In the work area, click the EAPOL tab. |
4 |
Configure the parameters as required. |
5 |
In the toolbar, click Apply. |
|
|
--End-- | |
|
The following table describes the fields of EAPOL tab.
Variable | Value |
---|---|
SystemAuthControl | Enables or disables port access control on the switch. |
UserBasedPolicies Enabled |
Enables or disables EAPOL user-based policies. For more information about user-based policies, see Nortel Ethernet Routing Switch 5000 Series Configuration — Quality of Service (NN47200-504). |
UserBasedPoliciesFilterOnMac | Enables or disables the filter on MAC addresses for user-based policies. |
GuestVlanEnabled | Enables or disables the Guest VLAN. |
GuestVlanId | Sets the VLAN ID of the Guest VLAN. |
MultiHostAllow NonEapClient |
Enables or disables support for non-EAPOL hosts on EAPOL-enabled ports. |
MultiHostSingle AuthEnabled |
Enables or disables Multiple Host Single Authentication (MHSA). When selected, non-EAPOL hosts are allowed on a port if there is one authenticated EAPOL client on the port. |
MultiHostRadiusAuth NonEapClient |
Enables or disables RADIUS authentication of non-EAPOL hosts on EAPOL-enabled ports. |
MultiHostAllowNonEapPhones | Enables or disables Nortel IP Phone clients as another non-EAP type. |
MultiHostAllowRadiusAssignedVlan | Enables or disables the use of RADIUS-assigned VLAN values in the Multihost mode. |
MultiHostAllowNonEapRadiusAssignedVlan | Enables or disables the use of non-EAP RADIUS-assigned VLAN values in the Multihost mode. |
MultiHostUseMostRecentRadiusAssignedVlan | Enables or disables the use of the most recent VLAN values assigned by the RADIUS server. |
MultiHostEapPacketMode | Enables or disables the choice of packet mode (unicast or multicast) in the Multihost mode. Default is multicast. |
MultiHostEapProtocolEnabled | Enables or disables the processing of EAP protocol packets. |
MultiHostFailOpenVlanId | Specifies the ID of the global fail-over Vlan. |
MultiHostFailOpenVlanEnabled | Enables or disables the fail-over Vlan. |
NonEapRadiusPasswordAttributeFormat | Enables or disables setting the format of the Remote Authentication Dial-In User Service (RADIUS) Server password attribute for non-EAP clients. |
NonEapUserBasedPoliciesEnabled | Enables or disables non-EAP user-based policies. |
NonEapUserBasedPoliciesFilterOnMac | Enables or disables the filter on MAC addresses for non-EAP user-based policies. |