HP (Hewlett-Packard) W.14.03 Switch User Manual


  Open as PDF
of 594
 
Configuring Port-Based and User-Based Access Control (802.1X)
Contents
3. Configure the 802.1X Authentication Method . . . . . . . . . . . . . . . . 12-26
4. Enter the RADIUS Host IP Address(es) . . . . . . . . . . . . . . . . . . . . . 12-27
5. Enable 802.1X Authentication on the Switch . . . . . . . . . . . . . . . . 12-27
6. Optional: Reset Authenticator Operation . . . . . . . . . . . . . . . . . . . . 12-28
7. Optional: Configure 802.1X Controlled Directions . . . . . . . . . . . . 12-28
Wake-on-LAN Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-29
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-29
Example: Configuring 802.1X Controlled Directions . . . . . . . . 12-30
802.1X Open VLAN Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-31
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-31
VLAN Membership Priorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-32
Use Models for 802.1X Open VLAN Modes . . . . . . . . . . . . . . . . . . . . 12-33
Operating Rules for Authorized-Client and
Unauthorized-Client VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-38
Setting Up and Configuring 802.1X Open VLAN Mode . . . . . . . . . . . 12-42
802.1X Open VLAN Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . 12-46
Option For Authenticator Ports: Configure Port-Security
To Allow Only 802.1X-Authenticated Devices . . . . . . . . . . . . . . . . . 12-47
Port-Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-48
Configuring Switch Ports To Operate As
Supplicants for 802.1X Connections to Other Switches . . . . . . . . 12-49
Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-49
Supplicant Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-51
Displaying 802.1X Configuration, Statistics, and Counters . . . . 12-53
Show Commands for Port-Access Authenticator . . . . . . . . . . . . . . . 12-53
Viewing 802.1X Open VLAN Mode Status . . . . . . . . . . . . . . . . . . . . . 12-62
Show Commands for Port-Access Supplicant . . . . . . . . . . . . . . . . . . 12-66
How RADIUS/802.1X Authentication Affects VLAN Operation . 12-67
Example of Untagged VLAN Assignment in a RADIUS-Based
Enabling the Use of GVRP-Learned Dynamic VLANs
VLAN Assignment on a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-68
Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-68
Authentication Session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-70
in Authentication Sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-73
Messages Related to 802.1X Operation . . . . . . . . . . . . . . . . . . . . . . . 12-75
12-2
 previous next