Authentication-free rules applied to users through dot1x on S series switch

1

For S series switches except S1700 switches, after 802.1x authentication is enabled globally and on an interface, non-authentication can be implemented for specific users based on their MAC addresses.
To implement this function, configure user devices' MAC addresses as static MAC addresses of a specified VLAN on the interface connected to user devices.

Other related questions:
How to configure an authentication-free rule for Portal authentication users on S series switch
For S series switches (except the S1700) running all versions, NAC can be configured in common mode. For switches running V200R005C00 and later versions, NAC can be configured in unified mode. For switches running V200R009C00, the configuration model of NAC unified mode changes. Query the appropriate product manual based on the switch model and version. The following links are for reference only. In NAC common mode, configure an authentication-free rule to allow all Portal authentication users to access the network segment 10.1.1.1/24 without authentication. [HUAWEI] portal free-rule 1 destination ip 10.1.1.1 mask 24 source ip any For details, see "NAC Configuration (Common Mode) - (Optional) Setting Access Control Parameters for Portal Authentication Users" in S2750&S5700&S6720 V200R008C00 Configuration Guide - User Access and Authentication. In NAC unified mode, configure an authentication-free rule to allow all NAC authentication users to access the network segment 10.1.1.1/24 without authentication. [HUAWEI] authentication free-rule 1 destination ip 10.1.1.1 mask 24 source ip any For details, see "NAC Configuration (Unified Mode) - (Optional) Configuring Authentication Free Rules to Assign Network Access Rights to Users" in S2750&S5700&S6720 V200R008C00 Configuration Guide - User Access and Authentication. In NAC unified mode, configure an authentication-free rule to allow all NAC authentication users to access the network segment 10.1.1.1/24 without authentication. [HUAWEI] free-rule-template name default_free_rule [HUAWEI-free-rule-default_free_rule] free-rule 1 destination ip 10.1.1.1 mask 24 source ip any For details, see "NAC Configuration (Unified Mode) - (Optional) Configuring Authorization Information for Authentication-free Users" in .

Can a user log in to an S series switch through fingerprint authentication
All S series switches do not support user login through fingerprint identification.

What are the differences between 802.1X and DOT1X on S series switch?
802.1X and DOT1X provide the same function.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top