Configuring An 802.1X Port-Based Guest Vlan - HP 4800G Series Configuration Manual

Hide thumbs

Table of Contents

Enter system view

Enter Ethernet interface view

Set the port access control

mode for the port

Set the port access control

method for the port

Set the maximum number of

users for the port

Enable online user handshake

Enable multicast trigger

Specify the mandatory

authentication domain for the

Enabling 802.1X on a port is mutually exclusive with adding the port to an aggregation group and

adding the port to a service loopback group.

In EAP relay authentication mode, the device encapsulates the 802.1X user information in the EAP

attributes of RADIUS packets and sends the packets to the RADIUS server for authentication. In

this case, you can configure the user-name-format command but it does not take effect. For

information about the user-name-format command, refer to AAA Commands in the Security

If the username of a client contains the version number or one or more blank spaces, you can

neither retrieve information nor disconnect the client by using the username. However, you can use

items such as IP address and connection index number to do so.

Once enabled with the 802.1X multicast trigger function, a port sends multicast trigger messages to

the client periodically to initiate authentication.

For a user-side device sending untagged traffic, the voice VLAN function and 802.1X are mutually

exclusive and cannot be configured together on the same port. For details about voice VLAN, refer

to VLAN Configuration in the Access Volume.