|
Securing your network 105eapol multihost non-eap-pwd-fmt command parameters and variablesParameter Descriptionip-addr Specifies the IP address of the non-EAP client.mac-addr Specifies the MAC address of the non-EAPclient.port-number Specifies the port number for which you want theRADIUS password attribute configured.To discontinue configuration of the RADIUS password attribute format, usethe no or default keywords at the start of the commands, in the Globalconfiguration mode.Specifying the maximum number of non-EAPOL hosts allowed Toconfigure the maximum number of non-EAPOL hosts allowed for a specificport or for all ports on an interface, use the following command in Interfaceconfiguration mode:eapol multihost [port ] non-eap-mac-max where is the list of ports to which you want the setting to apply.You can enter a single port, a range of ports, several ranges, or all. Ifyou do not specify a port parameter, the command sets the value forall ports on the interface. is an integer in the range 1–32 that specifies the maximumnumber of non-EAPOL clients allowed on the port at any one time. Thedefault is 1.ATTENTIONThe configurable maximum number of non-EAPOL clients for each port is 32, butNortel expects that the usual maximum allowed for each port be lower. Nortelexpects that the combined maximum will be approximately 200 for each boxand 800 for a stack.Creating the allowed non-EAPOL MAC address list To specify the MACaddresses of non-EAPOL hosts allowed on a specific port or on all ports onan interface, for local authentication, use the following command in Interfaceconfiguration mode:eapol multihost non-eap-mac [port ] where is the list of ports on which you want to allow the specifiednon-EAPOL hosts. You can enter a single port, a range of ports, severalNortel Ethernet Routing Switch 2500 SeriesSecurity — Configuration and ManagementNN47215-505 (323165-B) 02.01 Standard4.1 19 November 2007Copyright © 2007, Nortel Networks. PreviousNext |