HP 6125XLG Configuration Manual page 4

EAP termination ····················································································································································· 66
Configuring 802.1X ·················································································································································· 68
HP implementation of 802.1X ······································································································································ 68
Configuration prerequisites ··········································································································································· 68
802.1X configuration task list ······································································································································· 68
Enabling 802.1X ···························································································································································· 69
Enabling EAP relay or EAP termination ······················································································································· 69
Setting the port authorization state ······························································································································ 70
Specifying an access control method ·························································································································· 70
Setting the maximum number of concurrent 802.1X users on a port ······································································· 70
Setting the maximum number of authentication request attempts ············································································· 71
Setting the 802.1X authentication timeout timers ······································································································· 71
Configuring the online user handshake function ········································································································ 72
Configuring the authentication trigger function ·········································································································· 72
Configuration guidelines ······································································································································ 73
Configuration procedure ······································································································································ 73
Specifying a mandatory authentication domain on a port ························································································ 73
Configuring the quiet timer ··········································································································································· 74
Enabling the periodic online user re-authentication function ····················································································· 74
Displaying and maintaining 802.1X ··························································································································· 75
802.1X authentication configuration example ··········································································································· 75
Network requirements ··········································································································································· 75
Configuration procedure ······································································································································ 75
Verifying the configuration ··································································································································· 77
Configuring MAC authentication ······························································································································ 78
Overview ········································································································································································· 78
User account policies ············································································································································ 78
Authentication methods········································································································································· 78
Configuration prerequisites ··········································································································································· 79
Configuration task list ···················································································································································· 79
Enabling MAC authentication ······································································································································ 79
Specifying a MAC authentication domain ·················································································································· 80
Configuring the user account format ···························································································································· 80
Configuring MAC authentication timers ······················································································································ 81
Setting the maximum number of concurrent MAC authentication users on a port ·················································· 81
Displaying and maintaining MAC authentication ······································································································ 82
Local MAC authentication configuration example ····································································································· 82
Network requirements ··········································································································································· 82
Configuration procedure ······································································································································ 82
Verifying the configuration ··································································································································· 83
RADIUS-based MAC authentication configuration example ····················································································· 84
Network requirements ··········································································································································· 84
Configuration procedure ······································································································································ 84
Verifying the configuration ··································································································································· 85
Configuring port security ··········································································································································· 87
Overview ········································································································································································· 87
Port security features ············································································································································· 87
Port security modes ··············································································································································· 87
Configuration task list ···················································································································································· 90
Enabling port security ···················································································································································· 90
Setting port security's limit on the number of secure MAC addresses on a port ···················································· 91
Setting the port security mode ······································································································································ 91
Configuring port security features ································································································································ 92
ii