3Com S7902E Command Reference Manual - page 1825
1-9
Default Level
2: System level
Parameters
domain-name
: ISP domain name, a case-insensitive string of 1 to 24 characters.
Description
Use the
dot1x mandatory-domain
command to specify the mandatory authentication domain for
users accessing the port.
Use the
undo dot1x mandatory-domain
command to remove the mandatory authentication domain.
By default, no mandatory authentication domain is specified.
Note that:
z
When authenticating an 802.1X user trying to access the port, the system selects an authentication
domain in the following order: the mandatory domain, the ISP domain specified in the username,
and the default ISP domain.
z
The specified mandatory authentication domain must exist.
z
On a port configured with a mandatory authentication domain, the user domain name displayed by
the
display connection
command is the name of the mandatory authentication domain. For
detailed information about the
display connection
command, refer to
AAA
Commands
in the
Security Volume
.
Related commands:
display dot1x
.
Examples
# Configure the mandatory authentication domain
my-domain
for 802.1X users on GigabitEthernet
2/0/1.
[Sysname] interface GigabitEthernet 2/0/1
[Sysname-GigabitEthernet2/0/1] dot1x mandatory-domain my-domain
# After 802.1X user
usera
passes the authentication, display the user connection information on
GigabitEthernet 2/0/1.
[Sysname-GigabitEthernet2/0/1] display connection interface GigabitEthernet 2/0/1
Index=68 ,Username=usera@my-domian
MAC=0015-e9a6-7cfe ,IP=3.3.3.3
Total 1 connection(s) matched.
dot1x max-user
Syntax
In system view:
dot1x
max-user user-number
[
interface interface-list
]
undo dot1x
max-user
[
interface interface-list
]
In Ethernet interface view:
dot1x
max-user user-number