Port-Security - HP 3500yl Series Access Security Manual

Option For Authenticator Ports: Configure Port-Security To Allow Only 802.1X-Authenticated Devices
HP Switch(config)# aaa port-access authenticator a10 control auto
HP Switch(config)# show port-access authenticator a10 config
Port Access Authenticator Configuration
Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No
| Re-auth Access
Port | Period
---- + ------- -------- ----- ------- -------- ---------- -------- -----
A10 | No
Figure 13-9. Port-Access Support for Port-Security Operation
N o t e
Max Quiet
Control Reqs Period
Auto 2 60

Port-Security

If 802.1X port-access is configured on a given port, then port-security learn-
mode for that port must be set to either continuous (the default) or port-access.
In addition to the above, to use port-security on an authenticator port (chapter
14), use the per-port client-limit option to control how many MAC addresses
of 802.1X-authenticated devices the port is allowed to learn. (Using client-limit
sets 802.1X to user-based operation on the specified ports.) When this limit is
reached, no further devices can be authenticated until a currently authenti-
cated device disconnects and the current delay period or logoff period has
expired.
Configure the port access type.
Syntax: aaa port-access authenticator < port-list > client-limit < 1 - 32 >
Configures user-based 802.1X authentication on the
specified ports and sets the number of authenticated
devices the port is allowed to learn. For more on this
command, refer to "Configuring Switch Ports as 802.1X
Authenticators" on page 13-17.)
— Or —
no aaa port-access authenticator < port-list > client-limit
Configures port-based 802.1X authentication on the
specified ports, which opens the port. (Refer to "User
Authentication Methods" on page 13-2.)
Configuring Port-Based and User-Based Access Control (802.1X)
TX Supplicant Server
Timeout Timeout
30 30
Control mode
required for Port-
Security Support
Cntrl
Timeout Dir
30 both
13-49