Security Commands 953802.1x CommandsDell EMC Networking N1100-ON/N1500/N2000/N2100-ON/N3000/N3100-ON/N4000 Series SwitchesLocal Area Networks (LANs) are often deployed in environments that permitthe attachment of unauthorized devices. The networks also permitunauthorized users to attempt to access the LAN through existingequipment. In such environments, the administrator may desire to restrictaccess to the services offered by the LAN.Port-based network access control makes use of the physical characteristics ofLAN infrastructures to provide a means of authenticating and authorizingdevices attached to a LAN port. Port-based network access control preventsaccess to the port in cases in which the authentication and authorizationprocess fails. A port is defined as a single point of attachment to the LAN.The Dell EMC Networking switches support an 802.1x Authenticator servicewith a local authentication server or authentication using remote RADIUS orTACACS servers. Refer to "AAA Commands" on page 838 for information onconfiguring connectivity to a RADIUS or TACACS authentication server orto configure the local authentication service.Dell EMC Networking switches also support 802.1X accounting to RADIUSor TACACS servers. Refer to the “AAA Commands” section to configure802.1X accounting.MD5 or none is the supported authentication method for communicationwith an authentication server. Dell EMC Networking does not supportencryption of switch initiated authenticator/authentication servercommunication. However, Dell EMC Networking switches are capable oftransporting end-to-end encrypted traffic such as EAP-TLS between asupplicant and an authenticator.802.1x Monitor ModeMonitor mode is a special mode that can be enabled in conjunction withDot1x authentication. It allows network access even in case where there is afailure to authenticate but logs the results of the authentication process fordiagnostic purposes. The exact details are described in the below sections.The main aim of the monitor mode is to provide a mechanism to the operator