Verifying The Configuration; With Acl Assignment Configuration Example; Network Requirements - HP 10500 Series Configuration Manual

Security configuration guide

# Enable 802.1X globally.
[Device] dot1x
# Enable 802.1X for port GigabitEthernet 1/0/2.
[Device] interface gigabitethernet1/0/2
[Device-GigabitEthernet1/0/2] dot1x
# Implement port-based access control on the port.
[Device-GigabitEthernet1/0/2] dot1x port-method portbased
# Set the port authorization mode to auto. This step is optional. By default, the port is in auto mode.
[Device-GigabitEthernet1/0/2] dot1x port-control auto
[Device-GigabitEthernet1/0/2] quit
# Set VLAN 10 as the 802.1X guest VLAN for port GigabitEthernet 1/0/2.
[Device] dot1x guest-vlan 10 interface gigabitethernet1/0/2

Verifying the configuration

Use the display dot1x interface gigabitethernet1/0/2 command to verify the 802.1X guest VLAN
configuration on GigabitEthernet 1/0/2. If no user passes authentication on the port within a specific
period of time, use the display vlan 10 command to verify whether GigabitEthernet 1/0/2 is assigned
to VLAN 10.

After a user passes authentication, you can use the display interface gigabitethernet1/0/2 command to
verify that port GigabitEthernet 1/0/2 has been added to VLAN 5.

802.1X with ACL assignment configuration example

Network requirements

As shown in Figure 44, the host at 192.168.1.10 connects to port GigabitEthernet 1/0/1 of the network
access device.
Perform 802.1X authentication on the port. Use the RADIUS server at 10.1.1.1 as the authentication and
authorization server and the RADIUS server at 10.1.1.2 as the accounting server. Assign an ACL to
GigabitEthernet 1/0/1 to deny the access of 802.1X users to the FTP server at 10.0.0.1/24 on weekdays
during business hours from 8:00 to 18:00.
Figure 44 Network diagram
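One way to express the time-restricted deny rule from the network requirements on the access device, as an added example that is not taken from this manual page. The time range name ftp and ACL number 3000 are assumptions, the RADIUS scheme and ISP domain configuration are omitted, and the authorization server is assumed to return ACL 3000 for the authenticated user.

```comware
# Define a time range (assumed name: ftp) covering weekdays from 8:00 to 18:00.
[Device] time-range ftp 8:00 to 18:00 working-day
# Create advanced ACL 3000 (assumed number) and deny IP traffic to the FTP server
# at 10.0.0.1 while the time range is active. The wildcard 0 matches the single host only.
[Device] acl number 3000
[Device-acl-adv-3000] rule 0 deny ip destination 10.0.0.1 0 time-range ftp
[Device-acl-adv-3000] quit
# Enable 802.1X globally.
[Device] dot1x
# Enable 802.1X on port GigabitEthernet 1/0/1, where the host connects.
[Device] interface gigabitethernet1/0/1
[Device-GigabitEthernet1/0/1] dot1x
[Device-GigabitEthernet1/0/1] quit
# Check the rule and whether its time range is currently active.
[Device] display acl 3000
[Device] display time-range ftp
```

Outside the time range the rule is inactive, so the same user reaches the FTP server on weekends and outside 8:00 to 18:00 unless another rule denies it.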
