DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-26
authentication succeeds, the information of the field is shown on our 802.1x client of
Star-Supplicant, by which the operators can release some information.
Such information is shown at the first user authorization, but not at re-authentication. This
avoids frequently disturbing the user.
The window for showing the advertisement information supports html, which converts the
http://XXX.XXX.XX in the message into links capable of direct switching, for easier browsing.
Releasing of the advertising information:
1) The operator configures the Reply Message attribute on the Radius Server end.
2) Only our Star-supplicant client supports such information (free for the users of our
switch), while other clients cannot see the information, which however does not affect
their normal use.
3) No setting is required at the device end.
4.2.17 List of Authenticable Hosts
under a Port
For enhanced security of the 802.1x, we have made expansion without affecting the IEEE
802.1x, allowing the NM to restrict the list of hosts authenticated of a port. If the list of hosts
authenticated of a port is empty, any user can be authenticated. If the list is not empty, only the
hosts in the list can be authenticated. The hosts that can be authenticated are identified by
using the MAC addresses.
The following example adds/deletes the hosts that can be authenticated under a port.
Command Function
configure terminal
Enter the global configuration mode.
dot1x auth-address-table address
mac-addr interface interface
Set the list of the hosts that can be authenticated.
end
Return to the privileged mode.
write
Save the configuration.
show running-config
Show the configuration.
Caution
If the list of the host is empty, the port allows any host to be authenticated.
4.2.18 Authorization
To make it easier for operators, our products can provide services of different qualities for