HP ProCurve 6120G/XG Manual page 498
Hp procurve series 6120 blade switches access security guide
Hide thumbs
Also See for ProCurve 6120G/XG:
- Configuration manual (662 pages) ,
- Manual (469 pages) ,
- Management manual (222 pages)
Table of Contents
Advertisement
Configuring Port-Based and User-Based Access Control (802.1X)
802.1X Open VLAN Mode
Condition
Note: Limitation on Using an
Unauthorized-Client VLAN on an
802.1X Port Configured to Allow
Multiple-Client Access
N o t e
If you use the same VLAN as the Unauthorized-Client VLAN for all authenti
cator ports, unauthenticated clients on different ports can communicate with
each other.
12-42
Rule
You can optionally enable switches to allow up to 32 clients per-port.
The Unauthorized-Client VLAN feature can operate on an 802.1X
configured port regardless of how many clients the port is configured
to support. However, all clients on the same port must operate through
the same untagged VLAN membership. This means that any client
accessing a given port must be able to authenticate and operate on
the same VLAN as any other previously authenticated clients that are
currently using the port. Thus, an Unauthorized-Client VLAN
configured on a switch port that allows multiple 802.1X clients cannot
be used if there is already an authenticated client using the port on
another VLAN. Also, a client using the Unauthenticated-Client VLAN
will be blocked when another client becomes authenticated on the
port. For this reason, the best utilization of the Unauthorized-Client
VLAN feature is in instances where only one client is allowed per-port.
Otherwise, unauthenticated clients are subject to being blocked at
any time by authenticated clients using a different VLAN. (Using the
same VLAN for authenticated and unauthenticated clients can create
a security risk and is not recommended.)
Hide quick links:
Advertisement
Table of Contents
