HP 3500yl Series Access Security Manual page 687

Even though port A2 is
configured as Untagged
on (static) VLAN 33 (see
figure 13-20), it does not
appear in the VLAN 33
listing while the 802.1X
session is using VLAN 22
in the Untagged status.
However, after the 802.1X
session with VLAN 22
ends, the active
configuration returns port
A2 to VLAN 33.
Figure 13-22. The Active Configuration for VLAN 33 Temporarily Drops Port 22 for the 802.1X Session
After the 802.1X session
on VLAN 22 ends, the
active configuration
again includes VLAN 33
on port A2.
Figure 13-23. The Active Configuration for VLAN 33 Restores Port A2 After the 802.1X Session Ends
Configuring Port-Based and User-Based Access Control (802.1X)
HP Switch(config)# show vlan 33
Status and Counters - VLAN Information - VLAN 33
VLAN ID : 33
Name : VLAN_33
Status : Static
Voice : No
Jumbo : No
Port Information Mode
---------------- -------- ------------ ----------
A4
Overriden Port VLAN configuration
Port Mode
---- ----------
A2 Untagged
When the 802.1X client's session on port A2 ends, the port removes the
temporary untagged VLAN membership. The static VLAN (VLAN 33) that
is "permanently" configured as untagged on the port becomes available
again. Therefore, when the RADIUS-authenticated 802.1X session on
port A2 ends, VLAN 22 access on port A2 also ends, and the untagged
VLAN 33 access on port A2 is restored as shown in Figure 13-23.
HP Switch(config)# show vlan 33
Status and Counters - VLAN Information - VLAN 33
VLAN ID : 33
Name : VLAN_33
Status : Static
Voice : No
Jumbo : No
Port Information Mode
---------------- -------- ------------ ----------
A2
A4
How RADIUS/802.1X Authentication Affects VLAN Operation
Unknown VLAN Status
Tagged Learn
Unknown VLAN Status
Untagged Learn
Tagged Learn
Up
Up
Up
13-75