Defining Host and Session Authentication

The Host and Session Authentication page enables defining the mode in which 802.1X operates on the port and the action to perform if a violation has been detected.

The 802.1X modes are:

To define 802.1X advanced settings for ports:

  1. Click Security > 802.1X > Host and Session Authentication. The Host and Session Authentication page displays.
  2. 802.1X authentication parameters are described for all ports. All fields except the following are described in the Edit Host and Session Authentication page.

    • Status--Displays the host status. An asterisk indicates that the port is either not linked or is down. The options are:
      • Unauthorized--Either the port control is Force Unauthorized and the port link is down, or the port control is Auto but a client has not been authenticated via the port.
      • Force-Authorized--Clients have full port access.
      • Single-host Lock--Port control is Auto and only a single client has been authenticated by using the port.
      • No Single Host--Port control is Auto and Multiple Hosts mode is enabled. At least one client has been authenticated.
      • Not in Auto Mode--Auto port control is not enabled.
    • Number of Violations--Displays the number of packets that arrive on the interface in single-host mode, from a host whose MAC address is not the supplicant MAC address.
  3. Select a port, and click Edit. The Edit Host and Session Authentication page displays.
  4. Enter the parameters.
    • Interface--Enter a port number for which host authentication is enabled.
    • Host Authentication--Select one of the modes. These modes are described above in Defining Host and Session Authentication.

    NOTE     The following fields are only relevant if you select Single in the Host Authentication field.

    • Action on a (Single Host) Violation--Select the action to be applied to packets arriving in Single Session/Single Host mode, from a host whose MAC address is not the supplicant MAC address. The options are:
      • Discard--Discards the packets.
      • Forward--Forwards the packets.
      • Shutdown--Discards the packets and shuts down the port. The ports remains shut down until reactivated, or until the switch is rebooted.
    • Traps on Single Host Violation--Select to enable traps.
    • Trap Frequency (on Single Host Violation)--Defines how often traps are sent to the host. This field can be defined only if multiple hosts are disabled.
  5. Click Apply. The settings are defined, and the Running Configuration file is updated.