Configuring EAPOL globally using EDM

Use the following procedure to configure EAPOL parameters globally for the switch.

Prerequisites

Procedure steps


Step Action

1

From the navigation tree, double-click Security.

2

In the Security tree, double-click 802.1X/EAP.

3

In the work area, click the EAPOL tab.

4

Configure the parameters as required.

5

In the toolbar, click Apply.


--End--

Variable definitions

The following table describes the fields of EAPOL tab.

Variable Value
SystemAuthControl Enables or disables port access control on the switch.
UserBasedPolicies
Enabled
Enables or disables EAPOL user-based policies. For more information about user-based policies, see Nortel Ethernet Routing Switch 5000 Series Configuration — Quality of Service (NN47200-504).
UserBasedPoliciesFilterOnMac Enables or disables the filter on MAC addresses for user-based policies.
GuestVlanEnabled Enables or disables the Guest VLAN.
GuestVlanId Sets the VLAN ID of the Guest VLAN.
MultiHostAllow
NonEapClient
Enables or disables support for non-EAPOL hosts on EAPOL-enabled ports.
MultiHostSingle
AuthEnabled
Enables or disables Multiple Host Single Authentication (MHSA). When selected, non-EAPOL hosts are allowed on a port if there is one authenticated EAPOL client on the port.
MultiHostRadiusAuth
NonEapClient
Enables or disables RADIUS authentication of non-EAPOL hosts on EAPOL-enabled ports.
MultiHostAllowNonEapPhones Enables or disables Nortel IP Phone clients as another non-EAP type.
MultiHostAllowRadiusAssignedVlan Enables or disables the use of RADIUS-assigned VLAN values in the Multihost mode.
MultiHostAllowNonEapRadiusAssignedVlan Enables or disables the use of non-EAP RADIUS-assigned VLAN values in the Multihost mode.
MultiHostUseMostRecentRadiusAssignedVlan Enables or disables the use of the most recent VLAN values assigned by the RADIUS server.
MultiHostEapPacketMode Enables or disables the choice of packet mode (unicast or multicast) in the Multihost mode. Default is multicast.
MultiHostEapProtocolEnabled Enables or disables the processing of EAP protocol packets.
MultiHostFailOpenVlanId Specifies the ID of the global fail-over Vlan.
MultiHostFailOpenVlanEnabled Enables or disables the fail-over Vlan.
NonEapRadiusPasswordAttributeFormat Enables or disables setting the format of the Remote Authentication Dial-In User Service (RADIUS) Server password attribute for non-EAP clients.
NonEapUserBasedPoliciesEnabled Enables or disables non-EAP user-based policies.
NonEapUserBasedPoliciesFilterOnMac Enables or disables the filter on MAC addresses for non-EAP user-based policies.