|
104 Configuring Security using the CLITo enable RADIUS authentication of non-EAPOL hosts for a specific portor for all ports on an interface, use the following command in Interfaceconfiguration mode:eapol multihost [port ] radius-non-eap-enable"eapol multihost radius-non-eap-enable command: Interface mode" (page104) describes the parameters and variables for the eapol multihostradius-non-eap-enable command: Interface mode command.eapol multihost radius-non-eap-enable command: Interface mode parameters and variablesParameters and Variables Descriptionportlist Specifies the port or ports on which you wantRADIUS authentication enabled. You can entera single port, several ports or a range of ports.If you do not specify a port parameter, thecommand enables RADIUS authentication ofnon-EAP hosts on all ports on the interface.radius-non-eap-enable Enables RADIUS authentication on the desiredinterface or on a specific port, for non-EAPOLhosts.The default for this feature is ’disabled’.To discontinue RADIUS authentication of non-EAPOL hosts onEAPOL-enabled ports, use the no or default keywords at the start of thecommands in both the Global and Interface configuration modes.Configuring the format of the RADIUS password attribute whenauthenticating non-EAP MAC addresses using RADIUS To configurethe format of the RADIUS password when authenticating non-EAP MACaddresses using RADIUS, use the following command in the Globalconfiguration mode:eapol multihost non-eap-pwd-fmtThe syntax for the eapol multihost non-eap-pwd-fmt command is:eapol multihost non-eap-pwd-fmt { [ip-addr] [mac-addr][port-number] }"eapol multihost non-eap-pwd-fmt command parameters and variables"(page 105) describes the parameters and variables for the eapolmultihost non-eap-pwd-fmt command.Nortel Ethernet Routing Switch 2500 SeriesSecurity — Configuration and ManagementNN47215-505 (323165-B) 02.01 Standard4.1 19 November 2007Copyright © 2007, Nortel Networks. PreviousNext |