Configuring VLAN authentication port parameters

Note:

VLAN authentication is only supported on 7210 SAS-Dxp.

The 7210 SAS supports VLAN authentication for client devices (for example, PCs and STBs) on an Ethernet network.

VLAN authentication provides protection against unauthorized access by forcing the device connected to the 7210 SAS to be authenticated by a RADIUS server before the device is able to transmit packets through the 7210 SAS.

Use the following CLI syntax to configure VLAN authentication for an Ethernet port.

port port-id ethernet
         dot1x
             vlan-auth
             port-control auto
             quiet-period seconds
             radius-plcy name

Example: Command usage to configure VLAN authentication for an Ethernet port

config# port 1/1/2 ethernet dot1x
config>port>ethernet>dot1x# vlan-auth
config>port>ethernet>dot1x# port-control auto
config>port>ethernet>dot1x# quiet-period 60
config>port>ethernet>dot1x# radius-plcy dot1xpolicy

Example: Sample port configureation output

Use the info detail command to display port configuration information. 

SAS-T>config>port>ethernet>dot1x# info detail
----------------------------------------------
             port-control auto
             radius-plcy dot1xpolicy
             re-authentication
             re-auth-period 3600
             max-auth-req 2
             transmit-period 30
             quiet-period 60
             supplicant-timeout 30
             server-timeout 30
             vlan-auth
----------------------------------------------
SAS-T>config>port>ethernet>dot1x#
Parent topic: Configuring Ethernet port parameters