A SERVICE OF

logo

Open as PDF
next previous
secondary < local | none | authorized > -- Specify the backup authentication method
for access control. (p. 48)
web-based -- Configure authentication mechanism used to control web-based port access to
the switch (p. 55)
primary < chap-radius | peap-mschapv2 > -- Specify the primary authentication method
for access control. (p. 44)
secondary < none | authorized > -- Specify the backup authentication method for access
control. (p. 48)
aaa authorization -- Configure authorization parameters on the switch (p. 30)
commands -- Configure exec (shell) commands authorization. (p. 31)
primary_method < radius | none > -- (p. 47)
aaa port-access -- Configure 802 (p. 42)
authenticator -- Configure 802 (p. 28)
active -- Activate/deactivate 802.1X authenticator. (p. 27)
PORT-LIST -- Manage 802.1X on the device port(s). ([ethernet] PORT-LIST) (p. 43)
auth-vid -- Configures VLAN where to move port after successful authentication (not
configured by default). (p. 30)
VLAN-ID -- Configures VLAN where to move port after successful authentication (not
configured by default). (VLAN-ID) (p. 54)
clear-statistics -- Clear the authenticator statistics. (p. 31)
client-limit -- Set the maximum number of clients to allow on the port. (p. 31)
NUMBER-OF-CLIENTS < 1 to 32 > -- Set the maximum number of clients to allow on
the port. (NUMBER) (p. 42)
control < authorized | auto | unauthorized > -- Set the authenticator to Force Authorized,
Force Unauthorized or Auto state (default Auto). (NUMBER) (p. 32)
initialize -- Reinitialize the authenticator state machine. (p. 35)
logoff-period < 1 to 999999999 > -- Set period of time after which a client will be
considered removed from the port for a lack of activity. (NUMBER) (p. 36)
max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits
authentication requests (default 2). (NUMBER) (p. 39)
quiet-period < 0 to 65535 > -- Set the period of time the switch does not try to acquire
a supplicant (default 60 sec.). (NUMBER) (p. 47)
reauthenticate -- Force re-authentication to happen. (p. 47)
reauth-period < 0 to 9999999 > -- Set the re-authentication timeout (in seconds, default
0); set to '0' to disable re-authentication. (NUMBER) (p. 47)
server-timeout < 1 to 300 > -- Set the authentication server response timeout (default
30sec.). (NUMBER) (p. 50)
supplicant-timeout < 1 to 300 > -- Set the supplicant response timeout on an EAP request
(default 30 sec.). (NUMBER) (p. 52)
tx-period < 1 to 65535 > -- Set the period of time the switch waits until retransmission
of EAPOL PDU (default 30 sec.). (NUMBER) (p. 53)
unauth-period < 0 to 255 > -- Set period of time the switch waits for authentication
before moving the port to the VLAN for unauthenticated clients. (NUMBER) (p. 53)
unauth-vid -- Configures VLAN where to keep port while there is an unauthenticated
client connected (not configured by default). (p. 53)
VLAN-ID -- Configures VLAN where to keep port while there is an unauthenticated
client connected (not configured by default). (VLAN-ID) (p. 54)
gvrp-vlans -- Enable/disable the use of RADIUS-assigned dynamic (GVRP) VLANs (p. 34)
mac-based -- Configure MAC address based network authentication on the device or the
device's port(s) (p. 37)
addr-format < no-delimiter | single-dash | multi-dash | ... > -- Set the MAC address format
to be used in the RADIUS request message (default no-delimiter). (p. 27)
23© 2009 Hewlett-Packard Development Company, L.P.
aaaCommand Line Interface Reference Guide