The 7705 SAR supports tunneling of untagged 802.1x frames received on a port for both Epipe and VPLS services using either null or default SAPs (for example1/1/1:0 or 1/1/1:*) when the port-control command is set to force-auth.
When tunneling is enabled on a port, untagged 802.1x frames are treated like user frames and are switched into Epipe or VPLS services that have a corresponding null SAP or default SAP on that port. If a port has a default SAP, other non-default SAPs could also be on the port. When received on a spoke SDP or mesh SDP, untagged 802.1x frames are tunneled by default. Untagged 802.1x frames received on other service types, or on network ports, are dropped.
802.1x tunneling must be enabled consistently across all ports in the LAG where 802.1x frames are expected. This is not enforced by the system.