Filter
Top Products
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-39
Caution
In the port-based authentiction mode, every port only can receive one
authentication user.
Single-host is port-based single-user 802.1x access control. Use show
dot1x port-control to display port-based and use show running-config
to display dot1x port-control-mode port-based single-host.
Since single-host only supports the single-user form, setting
default-user-limit on the port manually does not take effect in single-host
mode. If you set default-user-limit on the port after setting single-host, only
one user can be permitted to use the network still.
In the port-based authentication mode, you can permit or deny dynamic users to migrate
among multiple authentication ports, which is permitted by default. If you want to deny the
migration of dynamic users, follow the steps below from the privileged mode.
Command Function
configure terminal
Enters the global configuration mode.
dot1x stationarity enable
Prohibits migration between ports.
End
Returns to the privileged mode.
Write
Saves the configuration.
4.2.31 Configuring Dynamic Acl
Assignment
802.1x supports ACL assignment from server and dynamic installation of the assigned ACL.
Our product support installing acl by default. They will install acl dynamically on condition that
the allowed acl is set on the server and is assigned after the successful user authentication.
To implement dynamic acl assignment, you need to set the port as mac-based authentication
mode or port-based single-user authentication mode. The ACL assignment is not supported in
the port-based multi-user authentication mode. For the configuration, please refer to the
related command configuration manual.