User Manual
When "in" is specified, only packets received from the supplicant are discarded, and the broadcast/multicast packets to the
interface to which the supplicant is connected from other ports are forwarded.
[Note]
This command can be specified only for LAN/SFP port.
When the guest VLAN is configured using the applicable interface, the settings for this command will be disabled.
Changing the settings for this command will make the authentication state return to the default.
To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control
command)
[Example]
Discard received packets only for the packet forwarding operation on an unauthenticated port of LAN port #1.
SWP1(config)#interface ge1
SWP1(config-if)#dot1x control-direction in
10.3.5 Set the EAPOL packet transmission count
[Syntax]
dot1x max-auth-req count
no dot1x max-auth-req
[Parameter]
count : <1-10>
Maximum number of times EAPOL packets are transmitted
[Initial value]
dot1x max-auth-req 2
[Input mode]
interface mode
[Description]
Sets the maximum value for the EAPOL packet transmission count for the applicable interface.
If this command is executed with the "no" syntax, the setting returns to the default.
[Note]
This command can be specified only for LAN/SFP port.
To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control
command)
[Example]
Set the EAPOL packet transmission count for LAN port #1 to "3".
SWP1(config)#interface ge1
SWP1(config-if)#dot1x max-auth-req 3
10.3.6 Set the MAC authentication function
[Syntax]
auth-mac enable
auth-mac disable
no auth-mac enable
[Initial value]
auth-mac disable
[Input mode]
interface mode
[Description]
Enables MAC authentication for the applicable interface.
When this command is executed with the "no" syntax or when disable is specified, MAC authentication is disabled.
[Note]
This command can be specified only for LAN/SFP port.
108 | Command Reference |
LAN/SFP port control