Use the following procedure to configure EAPOL parameters globally for the switch.
|
|
|
| Step | Action |
|---|---|
|
|
|
| 1 |
From the navigation tree, double-click Security. |
| 2 |
In the Security tree, double-click 802.1X/EAP. |
| 3 |
In the work area, click the EAPOL tab. |
| 4 |
Configure the parameters as required. |
| 5 |
In the toolbar, click Apply. |
|
|
|
| --End-- | |
|
|
|
The following table describes the fields of EAPOL tab.
| Variable | Value |
|---|---|
| SystemAuthControl | Enables or disables port access control on the switch. |
| UserBasedPolicies Enabled |
Enables or disables EAPOL user-based policies. For more information about user-based policies, see Nortel Ethernet Routing Switch 5000 Series Configuration — Quality of Service (NN47200-504). |
| UserBasedPoliciesFilterOnMac | Enables or disables the filter on MAC addresses for user-based policies. |
| GuestVlanEnabled | Enables or disables the Guest VLAN. |
| GuestVlanId | Sets the VLAN ID of the Guest VLAN. |
| MultiHostAllow NonEapClient |
Enables or disables support for non-EAPOL hosts on EAPOL-enabled ports. |
| MultiHostSingle AuthEnabled |
Enables or disables Multiple Host Single Authentication (MHSA). When selected, non-EAPOL hosts are allowed on a port if there is one authenticated EAPOL client on the port. |
| MultiHostRadiusAuth NonEapClient |
Enables or disables RADIUS authentication of non-EAPOL hosts on EAPOL-enabled ports. |
| MultiHostAllowNonEapPhones | Enables or disables Nortel IP Phone clients as another non-EAP type. |
| MultiHostAllowRadiusAssignedVlan | Enables or disables the use of RADIUS-assigned VLAN values in the Multihost mode. |
| MultiHostAllowNonEapRadiusAssignedVlan | Enables or disables the use of non-EAP RADIUS-assigned VLAN values in the Multihost mode. |
| MultiHostUseMostRecentRadiusAssignedVlan | Enables or disables the use of the most recent VLAN values assigned by the RADIUS server. |
| MultiHostEapPacketMode | Enables or disables the choice of packet mode (unicast or multicast) in the Multihost mode. Default is multicast. |
| MultiHostEapProtocolEnabled | Enables or disables the processing of EAP protocol packets. |
| MultiHostFailOpenVlanId | Specifies the ID of the global fail-over Vlan. |
| MultiHostFailOpenVlanEnabled | Enables or disables the fail-over Vlan. |
| NonEapRadiusPasswordAttributeFormat | Enables or disables setting the format of the Remote Authentication Dial-In User Service (RADIUS) Server password attribute for non-EAP clients. |
| NonEapUserBasedPoliciesEnabled | Enables or disables non-EAP user-based policies. |
| NonEapUserBasedPoliciesFilterOnMac | Enables or disables the filter on MAC addresses for non-EAP user-based policies. |