55
Enhancements in Release F.05.05 through F.05.70
Enhancements in Release F.05.05 through F.05.60
Option For Authenticator Ports: Configure Port-Security To Allow
Only 802.1X Devices
If you are using port-security on authenticator ports, you can configure it to learn only the MAC
address of the first 802.1X-aware device detected on the port. Then, only traffic from this specific
device is allowed on the port. When this device logs off, another 802.1X-aware device can be
authenticated on the port.
Note
Port-Security operates with 802.1X authentication as described above only if the selected ports are
configured as 802.1X; that is with the control mode in the port-access authenticator command set to
auto. For example, to configure port 10 for 802.1X authenticator operation and display the result:
HPswitch(config)# aaa port-access authenticator e 10 control auto
HPswitch(config)# show port-access authenticator e 10 config
Syntax: port-security [ethernet] < port-list >
learn-mode port-access
Configures port-security on the specified port(s) to
allow only the first 802.1X-aware device that the port
detects.
action < none | send-alarm | send-disable >
Configures the port’s response (in addition to blocking
unauthorized traffic) to detecting an intruder.