• Switch 1.2
• Product Overview
  • Technical Specifications
  • Supported SonicWall and 3rd party SFP and SFP+ Modules that can be used with SonicWall Switches
  • Physical Interface - 10 Port Switch
  • Physical Interface - 24 Port Switch
  • Physical Interface - 48 Port Switch
  • Physical Interface - 8 Port Switch
  • Management Interface
  • Connecting the Switch to a Network
  • Web Access
• System Management
  • System
    • Dashboard
    • Network
    • Administration
      • SSH Settings
    • System Information
    • User Management
    • Simple Network Management Protocol
      • Classic diagram of SonicWall Switch for SNMP Testing
      • Add View List
      • Add Target Params
      • Add Target Address
      • Add Notify Setting
      • SNMP Traps/Informs
      • How to configure SNMP on SonicWall Switch
      • SNMP supported OID’s in 1.2.0.1-2s
      • How to Configure SNMP/MIB Browser on Client PC
    • Address Resolution Protocol
      • ARP Table
      • ARP Statistics
    • Authentication
    • Firmware and Settings
    • DHCP Snooping
    • DHCP Relay
    • Time
  • Switching
    • Port Settings
      • Port Settings
        • Native VLAN
      • QoS Settings
        • Bandwidth Control
        • Storm Control
      • PoE
      • Security
        • 802.1X
      • ACL Binding
      • Advanced
    • Spanning Tree Protocol
      • Network Loops
      • Global Settings
      • MST Instance Settings
      • STP Port Statistics
    • Loopback Detection
    • Link Aggregation
      • Port Trunking
      • Link Aggregation Control Protocol Settings
      • Link Aggregation Control Protocol Timeout
    • Port Mirror
    • Jumbo Frames
    • MAC Address Table
      • Dynamic MAC Address
    • Link Layer Discovery Protocol
      • Local Device
      • Remote Device
    • IGMP Snooping
      • Global Settings
      • Group List
      • Router Settings
    • Multicast Filtering
    • Quality of Service
      • Class of Service Mapping
      • IP/DSCP Mapping
      • Class Mapping
        • Adding a Class Policy
      • Policy Mapping
    • Remote Network Monitoring
      • Stat List
      • Event List
      • Event Log Table
      • Statistics
      • Alarm List
      • History List
      • History Log Table
    • Port Statistics
  • Routing
  • Security
    • 802.1X Security
      • Mac Authentication Bypass
        • Behaviors and Restrictions
      • Global Settings
      • Port Settings
      • Authenticated Host
      • Port Statistics
    • Denial of Service
    • ACL Management
      • MAC ACL
      • MAC-Based ACE
      • IPv4 ACL
      • IPv4-Based ACE
  • VLAN
    • 802.1Q
    • Voice VLAN
      • OUI Settings
      • Port Settings
  • Logging
    • Global Settings
      • Local Settings
    • Remote Logging
    • Log Table
  • Diagnostics
    • Ping
    • Trace Route
    • Download required tech support files
• System Maintenance
• Switch Troubleshooting
  • Communication flow between Firewall and Switch before it get authenticated
• SonicWall Support
  • About This Document

Behaviors and Restrictions

1. For MAB authentication mechanism, switch will transmit Access-Request message with host source MAC address as user and password. In radius server configuration, the format of the MAC address should be 12 hexadecimal digits, all lowercase and no punctuation.
2. If the host source MAC address is saved as static MAC in MAC Address Table, the MAC address will not be progressed during MAB process.
3. Switch can handle 10 different MAB requests at the same time per port for authentication.
4. In hybrid_mode, host will be authenticated with EAP by default. If host does not support EAP capability, it will fall back to MAB authentication mode.
5. In MAC-based mode, traffic from hosts not allowed for authentication will be dropped.
6. Before configuring MAC-based authentication mode, this port must be set port control auto. (Mac-Based mode can only be enabled when dot1x port-control is auto.)
7. Each host is authenticated separately when using MAC-based authentication mode.
8. Guest VLAN and RADIUS VLAN assignment have no effect in MAC-based mode. (Mac-Based mode can only be enabled when dot1x guest vlan and radius vlan assignment are disabled.)
9. In MAC-based mode, host information will be cleared after configuring max host number. Hosts that have passed authentication will have to be authenticated again.
10. Host information will be cleared after authentication mode, link up status or MAB mode has changed.
11. Mac-Based mode does not support MAB hybrid mode.(Mac-Based mode can only be enabled when dot1x MAB is mab_mode or disabled.)
12. Max host count is only effective when using MAC-based authentication mode.