Configuration Prerequisites; Configuration Procedure; Specifying Supported Domain Name Delimiters - HPE FlexNetwork 5510 HI Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 5510 HI Series:
- Configuration manual (572 pages) ,
- Mpls configuration manual (505 pages) ,
- Layer 3 - ip routing configuration manual (486 pages)
Table of Contents
Advertisement
Configuration prerequisites
Before you enable the 802.1X critical voice VLAN on a port, complete the following tasks:
•
Enable LLDP both globally and on the port.
The device uses LLDP to identify voice users. For information about LLDP, see Layer 2—LAN
Switching Configuration Guide.
•
Enable voice VLAN on the port.
For information about voice VLANs, see Layer 2—LAN Switching Configuration Guide.
Configuration procedure
To enable the 802.1X critical voice VLAN feature on a port:
Step
1.
Enter system view.
2.
Enter Layer 2 Ethernet
interface view.
3.
Enable the 802.1X critical
voice VLAN feature on a
port.
Specifying supported domain name delimiters
By default, the access device supports the at sign (@) as the delimiter. You can also configure the
access device to accommodate 802.1X users who use other domain name delimiters. The
configurable delimiters include the at sign (@), backslash (\), dot (.), and forward slash (/).
Usernames that include domain names can use the format of username@domain-name,
domain-name\username, username.domain-name, or username/domain-name.
If an 802.1X username string contains multiple configured delimiters, the rightmost delimiter is the
domain name delimiter. For example, if you configure the backslash (\), dot (.), and forward slash (/)
as delimiters, the domain name delimiter for the username string 121.123/22\@abc is the backslash
(\). The username is @abc and the domain name is 121.123/22.
If a username string contains none of the delimiters, the access device authenticates the user in the
mandatory or default ISP domain.
To specify a set of domain name delimiters:
Step
1.
Enter system view.
2.
Specify a set of domain
name delimiters for 802.1X
users.
NOTE:
If you configure the access device to send usernames with domain names to the RADIUS server,
make sure the domain delimiter can be recognized by the RADIUS server. For username format
configuration, see the user-name-format command in Security Command Reference.
Command
system-view
interface
interface-type
interface-number
dot1x critical-voice-vlan
Command
system-view
dot1x domain-delimiter string
92
Remarks
N/A
N/A
By default, the 802.1X critical
voice VLAN feature is disabled on
a port.
Remarks
N/A
By default, only the at sign (@)
delimiter is supported.
- Quick Links:
- Radius
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork 5510 HI Series and is the answer not in the manual?