Configuring EAPOL globally using EDM

Use the following procedure to configure EAPOL parameters globally for the switch.

Prerequisites

  • Open one of the supported browsers.

  • Enter the IP address of the switch to open an EDM session.

Procedure steps

  1. From the navigation tree, double-click Security.

  2. In the Security tree, double-click 802.1X/EAP.

  3. In the work area, click the EAPOL tab.

  4. Configure the parameters as required.

  5. In the toolbar, click Apply.

Variable definitions

The following table describes the fields of EAPOL tab.

Variable Value
SystemAuthControl Enables or disables port access control on the switch.
UserBasedPolicies Enabled Enables or disables EAPOL user-based policies. For more information about user-based policies, see Avaya Ethernet Routing Switch 5000 Series Configuration — Quality of Service, NN47200-504.
UserBasedPoliciesFilterOnMac Enables or disables the filter on MAC addresses for user-based policies.
GuestVlanEnabled Enables or disables the Guest VLAN.
GuestVlanId Sets the VLAN ID of the Guest VLAN.
MultiHostAllow NonEapClient Enables or disables support for non-EAPOL hosts on EAPOL-enabled ports.
MultiHostSingle AuthEnabled Enables or disables Multiple Host Single Authentication (MHSA). When selected, non-EAPOL hosts are allowed on a port if there is one authenticated EAPOL client on the port.
MultiHostRadiusAuth NonEapClient Enables or disables RADIUS authentication of non-EAPOL hosts on EAPOL-enabled ports.
MultiHostAllowNonEapPhones Enables or disables Avaya IP Phone clients as another non-EAP type.
MultiHostAllowRadiusAssignedVlan Enables or disables the use of RADIUS-assigned VLAN values in the Multihost mode.
MultiHostAllowNonEapRadiusAssignedVlan Enables or disables the use of non-EAP RADIUS-assigned VLAN values in the Multihost mode.
MultiHostUseMostRecentRadiusAssignedVlan Enables or disables the use of the most recent VLAN values assigned by the RADIUS server.
MultiHostMultiVlan Enables or disables the multiple VLAN capability for EAP and non-EAP hosts The default is disabled.
MultiHostEapPacketMode Enables or disables the choice of packet mode (unicast or multicast) in the Multihost mode. Default is multicast.
MultiHostEapProtocolEnabled Enables or disables the processing of EAP protocol packets.
MultiHostFailOpenVlanId Specifies the ID of the global fail-over Vlan.
MultiHostFailOpenVlanEnabled Enables or disables the fail-over Vlan.
NonEapRadiusPasswordAttributeFormat Enables or disables setting the format of the Remote Authentication Dial-In User Service (RADIUS) Server password attribute for non-EAP clients.
NonEapUserBasedPoliciesEnabled Enables or disables non-EAP user-based policies.
NonEapUserBasedPoliciesFilterOnMac Enables or disables the filter on MAC addresses for non-EAP user-based policies.
MultiHostNeapReauthenticationEnabled Enables or disables NEAP reauthentication.
MultiHostBlockDifferentVlanAuth Enables or disables the block subsequent MAC authentication feature.