Configuration Examples; 802.1X Configuration Example - HP V1910 User Manual

V1910 switch series
Hide thumbs Also See for V1910:
Table of Contents

Advertisement

Item
HandShake
Enable Re-authentication
Guest VLAN
Return to
802.1X configuration task
Configuring an 802.1X guest VLAN
Table 111
Configuration guidelines
You can configure only one 802.1X guest VLAN on a port. The 802.1X guest VLANs on different ports
can be different.
Assign different IDs for the voice VLAN, default VLAN, and 802.1X guest VLAN on a port, so the port
can correctly process incoming VLAN tagged traffic.
With 802.1X authentication, a hybrid port is always assigned to a VLAN as an untagged member.
After the assignment, do not re-configure the port as a tagged member in the VLAN.
Table 112
Configuration prerequisites
Create the VLAN to be specified as the 802.1X guest VLAN.
On the 802.1X-enabled port that performs port-based access control, enable 802.1X multicast trigger
at the command line interface. (802.1X multicast trigger is enabled by default.)

Configuration examples

802.1X configuration example

Network requirements
As shown in a, it is required to perform 802.1X authentication on port GigabitEthernet 1/0/1 to
control user access to the Internet, configure the access control method as MAC address based on the
port, and enable periodic re-authentication of online users on the port, so that the server can
periodically update the authorization information of the users.
Description
Specify whether to enable the online user handshake function.
The online user handshake function checks the connectivity status of online
802.1X users. The network access device sends handshake messages to online
users at the interval specified by the Handshake Period setting. If no response is
received from an online user after the maximum number of handshake attempts
(set by the Retry Times setting) has been made, the network access device sets the
user in the offline state. For information about the timers, see 4.
IMPORTANT:
If the network has 802.1X clients that cannot exchange handshake packets with
the network access device, disable the online user handshake function to prevent
their connections from being inappropriately torn down.
Specify whether to enable periodic online user re-authentication on the port.
Periodic online user re-authentication tracks the connection status of online users
and updates the authorization attributes assigned by the server, such as the ACL,
and VLAN. The re-authentication interval is specified by the Re-Authentication
Period setting in
4.
Specify an existing VLAN as the guest VLAN. For more information, see
"Configuring an 802.1X guest
list.
334
VLAN."

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

V1910-24g-poe (365w)V1910-24g-poe (170w)

Table of Contents