Configuring An Auth-Fail Vlan - HP 5120 EI Switch Series Configuration Manual

Hide thumbs Also See for 5120 EI Switch Series:
Table of Contents

Advertisement

To do...

Configuring an Auth-Fail VLAN

Configuration guidelines
Follow these guidelines when configuring an 802.1X Auth-Fail VLAN:
Assign different IDs for the voice VLAN, the default VLAN, and the 802.1X guest VLAN on a port, so
the port can correctly process VLAN tagged incoming traffic.
You can configure only one 802.1X Auth-Fail VLAN on a port. The 802.1X Auth-Fail VLANs on
different ports can be different.
Use
Table 7
Table 7 Relationships of the 802.1X Auth-Fail VLAN with other features
Feature
MAC authentication guest VLAN
on a port that performs MAC-
based access control
Port intrusion protection on a port
that performs MAC-based access
control
Configuration prerequisites
Create the VLAN to be specified as the 802.1X Auth-Fail VLAN
If the 802.1X-enabled port performs port-based access control, enable 802.1X multicast trigger.
If the 802.1X-enabled port performs MAC-based access control, configure the port as a hybrid port,
enable MAC-based VLAN on the port, and assign the port to the Auth-Fail VLAN as an untagged
member. For more information about the MAC-based VLAN function, see the Layer 2
Switching Configuration Guide.
Follow these steps to configure an Auth-Fail VLAN:
To do...
Enter system view
Enter Layer 2 Ethernet interface
view
Configure the Auth-Fail VLAN on
the port
Use the command...
interface view
dot1x guest-vlan guest-vlan-id
when configuring multiple security features on a port.
Relationship description
The 802.1X Auth-Fail VLAN has a high
priority.
The 802.1X Auth-Fail VLAN function has
higher priority than the block MAC action
but lower priority than the shut down port
action of the port intrusion protection
feature.
Use the command...
system-view
interface interface-type interface-
number
dot1x auth-fail vlan authfail-vlan-
id
Remarks
Remarks
Required
By default, no Auth-Fail VLAN is
configured.
83
Reference
The chapter ―MAC
authentication
configuration‖
The chapter ―Port Security
configuration‖
LAN

Advertisement

Table of Contents
loading

Table of Contents