Currently, when both dot1x and MAC authentication method is enabled on a port, a new MAC address detection triggers ExtremeXOS to send a RADIUS request to authenticate the new client on that port using MAC-based authentication. This feature allows you delay/bypass the MAC authentication by configuring a MAC authentication delay period on a per port basis. The MAC authentication delay period‘s default value is 0 seconds for backward compatibility, with a permissible range of 0 to 120 seconds.
Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X620, X440-G2 series switches
Changes are underlined.
configure netlogin mac ports [port_list | all] timers [{reauth-period [reauth_period]} {reauthentication [on | off]} {delay [delay]}]
The output of the show netlogin command now includes the authentication delay period value (shown in bold):
NetLogin Authentication Mode : web-based DISABLED; 802.1x DISABLED; mac-based DISABLED NetLogin VLAN : Not Configured NetLogin move-fail-action : Deny NetLogin Client Aging Time : 5 minutes Dynamic VLAN Creation : Disabled Dynamic VLAN Uplink Ports : None Authentication Protocol Order: 802.1x, web-based, mac-based (default) SNIPPED ------------------------------------------------ MAC Mode Global Configuration ------------------------------------------------ Re-authentication period : 0 (Re-authentication disabled) Authentication Database : Radius, Local-User database Authentication Delay Period : 0 (Default) ------------------------------------------------ Number of Clients Authenticated : 0