HP (Hewlett-Packard) 2626 (J4900A/B) Switch User Manual


 
8-1
8
Configuring Port-Based Access Control
(802.1X)
Contents
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
Why Use Port-Based Access Control? . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
How 802.1X Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6
Authenticator Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6
Switch-Port Supplicant Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
General Operating Rules and Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
General Setup Procedure for Port-Based Access Control (802.1X) . . . . . 8-12
Do These Steps Before You Configure 802.1X Operation . . . . . . . . . 8-12
Overview: Configuring 802.1X Authentication on the Switch . . . . . . 8-13
Configuring Switch Ports as 802.1X Authenticators . . . . . . . . . . . . . . . . . 8-15
1. Enable 802.1X Authentication on Selected Ports . . . . . . . . . . . . . . 8-15
3. Configure the 802.1X Authentication Method . . . . . . . . . . . . . . . . . 8-19
4. Enter the RADIUS Host IP Address(es) . . . . . . . . . . . . . . . . . . . . . . 8-20
5. Enable 802.1X Authentication on the Switch . . . . . . . . . . . . . . . . . 8-20
802.1X Open VLAN Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-21
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-21
Use Models for 802.1X Open VLAN Modes . . . . . . . . . . . . . . . . . . . . . 8-22
Operating Rules for Authorized-Client and
Unauthorized-Client VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25
Setting Up and Configuring 802.1X Open VLAN Mode . . . . . . . . . . . . 8-27
802.1X Open VLAN Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . 8-31
Option For Authenticator Ports: Configure Port-Security To
Allow Only 802.1X Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32