Eapol Port States; Guest Vlan - Lenovo RackSwitch G8264 Application Manual
For lenovo enterprise network operating system 8.4
Hide thumbs
Also See for RackSwitch G8264:
- Command reference manual (794 pages) ,
- Installation manual (106 pages) ,
- Product manual (26 pages)
Table of Contents
Advertisement
EAPoL Port States
Guest VLAN
© Copyright Lenovo 2016
The state of the port determines whether the client is granted access to the network,
as follows:
Unauthorized
While in this state the port discards all ingress and egress traffic except EAP
packets.
Authorized
When the client is successfully authenticated, the port transitions to the
authorized state allowing all traffic to and from the client to flow normally.
Force Unauthorized
You can configure this state that denies all access to the port.
Force Authorized
You can configure this state that allows full access to the port.
Use the 802.1X global configuration commands (dot1x) to configure 802.1X
authentication for all ports in the switch. Use the 802.1X port commands to
configure a single port.
The guest VLAN provides limited access to unauthenticated ports. The guest
VLAN can be configured using the following commands:
dot1x guestvlan ?
RS G8264(config)#
Client ports that have not received an EAPOL response are placed into the Guest
VLAN, if one is configured on the switch. Once the port is authenticated, it is
moved from the Guest VLAN to its configured VLAN.
When Guest VLAN enabled, the following considerations apply while a port is in
the unauthenticated state:
The port is placed in the guest VLAN.
The Port VLAN ID (PVID) is changed to the Guest VLAN ID.
Port tagging is disabled on the port.
Chapter 6: 802.1X Port-Based Network Access Control
121
- Quick Links:
- Chapter 18. Stacking
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
