Option For Authenticator Ports: Configure Port-Security To Allow Only 802.1X-Authenticated Devices - HP ProCurve 6400cl Series Access Security Manual
Hide thumbs
Also See for ProCurve 6400cl Series:
- Management and configuration manual (508 pages) ,
- Installation and getting started manual (84 pages) ,
- Management manual (664 pages)
Table of Contents
Advertisement
Configuring Port-Based and Client-Based Access Control (802.1X)
Option For Authenticator Ports: Configure Port-Security To Allow Only 802.1X-Authenticated Devices
Figure 10-3. Port-Access Support for Port-Security Operation
N o t e
10-36
and there are multiple clients authenticated on the port, if one client loses
access and attempts to re-authenticate, that client will be handled as a
new client on the port.
■
On a 5300xl switch running software release E.09.xx or greater, the first
client to authenticate on a port configured to support multiple clients will
determine the port's VLAN membership for any subsequent clients that
authenticate while an active session is already in effect.
Option For Authenticator Ports:
Configure Port-Security To Allow Only
802.1X-Authenticated Devices
If 802.1X authentication is disabled on a port or set to authorized (Force
Authorize), the port can allow access to a non-authenticated client. Port-
Security operates with 802.1X authentication only if the selected ports are
configured as 802.1X with the control mode in the port-access authenticator
command set to auto (the default setting). For example, if port A10 was at a
non-default 802.1X setting and you wanted to configure it to support the port-
security option, you would use the following aaa port-access command:
Port-Security on 5300xl Switches Running Software
Release E.09.xx or Greater
If 802.1X port-access is configured on a given port, then port-security learn-
mode for that port must be set to either continuous (the default) or port-access.
Control mode
required for Port-
Security Support
Advertisement
Table of Contents
