User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software
9-10
Security Commands
202-10088-01, March 2005
Format
dot1x system-auth-control
Mode
Global Config
no dot1x system-auth-control
This command is used to disable the dot1x authentication support on the switch.
Format
no dot1x system-auth-control
Mode
Global Config
dot1x timeout
This command sets the value, in seconds, of a timer used by the authenticator state machine on
this port. The token used selects which timeout parameter is configured, and the value passed
sets it in seconds. The following tokens are supported.
reauth-period: Sets the value, in seconds, of the timer used by the authenticator state machine on
this port to determine when re-authentication of the supplicant takes place. The reauth-period must
be a value in the range 1 - 65535.
quiet-period: Sets the value, in seconds, of the timer used by the authenticator state machine on
this port to define periods of time in which it will not attempt to acquire a supplicant. The
quiet-period must be a value in the range 0 - 65535.
tx-period: Sets the value, in seconds, of the timer used by the authenticator state machine on this
port to determine when to send an EAPOL EAP Request/Identity frame to the supplicant. The
tx-period must be a value in the range 1 - 65535.
supp-timeout: Sets the value, in seconds, of the timer used by the authenticator state machine on
this port to timeout the supplicant. The supp-timeout must be a value in the range 1 - 65535.
server-timeout: Sets the value, in seconds, of the timer used by the authenticator state machine on
this port to timeout the authentication server. The server-timeout must be a value in the range
1 - 65535.
Default
reauth-period: 3600 seconds
quiet-period: 60 seconds
tx-period: 30 seconds
supp-timeout: 30 seconds
server-timeout: 30 seconds
Format
dot1x timeout {{reauth-period <seconds>} | {quiet-period <seconds>} | {tx-period <seconds>} | {supp-timeout <seconds>} | {server-timeout <seconds>}}
Mode
Interface Config
no dot1x timeout
This command sets the value, in seconds, of the timer used by the authenticator state machine on
this port to the default values. Depending on the token used, the corresponding default values are
set.
Format
no dot1x timeout {reauth-period | quiet-period | tx-period | supp-timeout | server-timeout}
Mode
Interface Config
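The following is an added example, not part of the NETGEAR manual: a Python check that replays one port's 'dot1x timeout' and 'no dot1x timeout' lines against the ranges and defaults listed above and reports the resulting timers. The function name, error strings and sample lines are assumptions made for the illustration.

```python
import re

# token: (min, max, default) in seconds, as listed in this section of the manual.
TIMERS = {
    "reauth-period": (1, 65535, 3600),
    "quiet-period": (0, 65535, 60),
    "tx-period": (1, 65535, 30),
    "supp-timeout": (1, 65535, 30),
    "server-timeout": (1, 65535, 30),
}
LINE = re.compile(r"^(no\s+)?dot1x\s+timeout\s+(\S+)(?:\s+(\S+))?$")


def effective_timers(lines):
    """Apply one port's timeout lines in order and return (timers, errors);
    errors lists (line, reason) for lines outside the documented syntax or range."""
    timers, errors = {t: s[2] for t, s in TIMERS.items()}, []
    for raw in lines:
        line = raw.strip()
        m = LINE.match(line)
        if not m:
            continue  # not a dot1x timeout command
        negate, token, value = m.groups()
        if token not in TIMERS:
            errors.append((line, "unknown token"))
            continue
        lo, hi, default = TIMERS[token]
        if negate:
            timers[token] = default  # the 'no' form restores the default
        elif value is None or not value.isdecimal():
            errors.append((line, "missing or non-numeric seconds"))
        elif lo <= int(value) <= hi:
            timers[token] = int(value)
        else:
            errors.append((line, f"out of range {lo}-{hi}"))
    return timers, errors


# Constructed sample: lines entered for one interface, in order.
SAMPLE = [
    "dot1x timeout quiet-period 0",
    "dot1x timeout tx-period 0",
    "dot1x timeout supp-timeout 70000",
    "dot1x timeout server-timeout 10",
    "no dot1x timeout server-timeout",
]

if __name__ == "__main__":
    print(effective_timers(SAMPLE))
```

In the sample, 0 is accepted for quiet-period but not for tx-period, because quiet-period is the only timer whose documented range starts at 0.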
dot1x user
This command adds the specified user to the list of users with access to the specified port or all
ports. The <user> parameter must be a configured user.
Format
dot1x user <user> {<slot/port> | all}
Mode
Global Config
no dot1x user
This command removes the user from the list of users with access to the specified port or all ports.
Format
no dot1x user <user> {<slot/port> | all}
Mode
Global Config
show radius accounting
This command is used to display the configured RADIUS accounting mode, accounting server and
the statistics for the configured accounting server.
Format
show radius accounting [statistics <ipaddr>]
Mode
Privileged EXEC
If the optional token 'statistics <ipaddr>' is not included, then only the accounting mode and
the RADIUS accounting server details are displayed.
Mode
Enabled or disabled
IP Address
The configured IP address of the RADIUS accounting server
Port
The port in use by the RADIUS accounting server
Secret Configured
Yes or No
If the optional token 'statistics <ipaddr>' is included, the statistics for the configured RADIUS
accounting server are displayed. The IP address parameter must match that of a previously
configured RADIUS accounting server. The following information regarding the statistics of the
RADIUS accounting server is displayed.
Accounting Server IP Address
IP Address of the configured RADIUS accounting server
Round Trip Time
The time interval, in hundredths of a second, between the most recent Accounting-Response
and the Accounting-Request that matched it from the RADIUS accounting server.
Requests
The number of RADIUS Accounting-Request packets sent to this
accounting server. This number does not include retransmissions.
Retransmission
The number of RADIUS Accounting-Request packets retransmitted
to this RADIUS accounting server.
Responses
The number of RADIUS packets received on the accounting port
from this server.
Malformed Responses
The number of malformed RADIUS Accounting-Response packets
received from this server. Malformed packets include packets
with an invalid length. Bad authenticators and unknown types are
not included as malformed accounting responses.
Bad Authenticators
The number of RADIUS Accounting-Response packets containing
invalid authenticators received from this accounting server.
Pending Requests
The number of RADIUS Accounting-Request packets sent to this
server that have not yet timed out or received a response.
Timeouts
The number of accounting timeouts to this server.
Unknown Types
The number of RADIUS packets of unknown types, which were
received from this server on the accounting port.
Packets Dropped
The number of RADIUS packets received from this server on the
accounting port and dropped for some other reason.
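The following is an added example, not part of the NETGEAR manual: a Python review of the accounting-server counters described above, flagging the ones a defender would want to investigate. Only the field names come from the manual; the dotted 'Name.... value' layout of the sample, the function names and the 5% timeout threshold are assumptions.

```python
import re

# Counters from the field list above that should be zero against a healthy,
# correctly keyed accounting server, with what a non-zero value points to.
SUSPECT = {
    "Bad Authenticators": "shared-secret mismatch or reply not from the real server",
    "Malformed Responses": "invalid-length replies: corruption or a non-RADIUS sender",
    "Unknown Types": "unexpected packet types arriving on the accounting port",
    "Packets Dropped": "replies discarded for other reasons",
}
FIELD = re.compile(r"^\s*(.+?)\s*\.{2,}\s*(\d+)\s*$")


def parse_counters(text):
    """Return {field name: int} for every 'Name..... <number>' line."""
    return {m.group(1): int(m.group(2))
            for m in map(FIELD.match, text.splitlines()) if m}


def review(counters, max_loss=0.05):
    """Return a list of findings for one server's accounting counters."""
    findings = [f"{name}={counters[name]}: {why}"
                for name, why in SUSPECT.items() if counters.get(name, 0) > 0]
    requests = counters.get("Requests", 0)
    timeouts = counters.get("Timeouts", 0)
    if requests and timeouts / requests > max_loss:  # illustrative threshold
        findings.append(f"Timeouts={timeouts} against {requests} requests: "
                        "accounting records may be delayed or lost")
    return findings


# Constructed sample; the dotted layout is an assumption, not captured output.
SAMPLE = """\
Requests....................... 200
Retransmission................. 31
Responses...................... 180
Malformed Responses............ 0
Bad Authenticators............. 4
Pending Requests............... 1
Timeouts....................... 19
Unknown Types.................. 0
Packets Dropped................ 0
"""

if __name__ == "__main__":
    print("\n".join(review(parse_counters(SAMPLE))))
```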
show authentication
This command displays the ordered authentication methods for all authentication login lists.
Format
show authentication
Mode
Privileged EXEC
Authentication Login List
This displays the authentication login listname.
Method 1
This displays the first method in the specified authentication login list, if any.
Method 2
This displays the second method in the specified authentication login list, if any.
Method 3
This displays the third method in the specified authentication login list, if any.
show authentication users
This command displays information about the users assigned to the specified authentication login
list. If the login is assigned to non-configured users, the user “default” will appear in the user
column.
Format
show authentication users <listname>
Mode
Privileged EXEC
User
This field displays the user assigned to the specified authentication login list.
Component
This field displays the component (User or 802.1x) for which the authentication
login list is assigned.
show dot1x
This command is used to show a summary of the global dot1x configuration, summary
information of the dot1x configuration for a specified port or all ports, the detailed dot1x
configuration for a specified port and the dot1x statistics for a specified port - depending on the
tokens used.
Format
show dot1x [{summary {<slot/port> | all}} | {detail <slot/port>} | {statistics <slot/port>}]
Mode
Privileged EXEC
If none of the optional parameters are used, the global dot1x configuration summary is displayed.
Administrative mode
Indicates whether authentication control on the switch is enabled or disabled.
If the optional parameter 'summary {<slot/port> | all}' is used, the dot1x configuration for the
specified port or all ports is displayed.
Port
The interface whose configuration is displayed.
Control Mode
The configured control mode for this port. Possible values are
force-unauthorized | force-authorized | auto.
Operating Control Mode
The control mode under which this port is operating. Possible values are
authorized | unauthorized.
Reauthentication Enabled
Indicates whether re-authentication is enabled on this port.
Key Transmission Enabled
Indicates if the key is transmitted to the supplicant for the specified port.
If the optional parameter 'detail <slot/port>' is used, the detailed dot1x configuration for the
specified port is displayed.
Port
The interface whose configuration is displayed.
Protocol Version
The protocol version associated with this port. The only possible value is 1,
corresponding to the first version of the dot1x specification.
PAE Capabilities
The port access entity (PAE) functionality of this port. Possible values are
Authenticator or Supplicant.
Authenticator PAE State
Current state of the authenticator PAE state machine. Possible values are
Initialize, Disconnected, Connecting, Authenticating, Authenticated, Aborting,
Held, ForceAuthorized, and ForceUnauthorized.
Backend Authentication State
Current state of the backend authentication state machine. Possible
values are Request, Response, Success, Fail, Timeout, Idle, and Initialize.
Quiet Period
The timer used by the authenticator state machine on this port to define periods
of time in which it will not attempt to acquire a supplicant. The value is
expressed in seconds and will be in the range 0 to 65535.
Transmit Period
The timer used by the authenticator state machine on the specified port to
determine when to send an EAPOL EAP Request/Identity frame to the supplicant.
The value is expressed in seconds and will be in the range 1 to 65535.
Supplicant Timeout
The timer used by the authenticator state machine on this port to timeout the
supplicant. The value is expressed in seconds and will be in the range 1 to
65535.
Server Timeout
The timer used by the authenticator on this port to timeout the authentication
server. The value is expressed in seconds and will be in the range 1 to
65535.
Maximum Requests
The maximum number of times the authenticator state machine on this port will
retransmit an EAPOL EAP Request/Identity before timing out the supplicant.
The value will be in the range 1 to 10.
Reauthentication Period
The timer used by the authenticator state machine on this port to determine
when reauthentication of the supplicant takes place. The value is expressed in
seconds and will be in the range 1 to 65535.
