Table of Contents
Advertisement
802.1X Open VLAN Mode
802.1X Authentication Commands
802.1X Supplicant Commands
802.1X Open VLAN Mode Commands
[no] aaa port-access authenticator [e] < port-list >
[auth-vid < vlan-id >]
[unauth-vid < vlan-id >]
802.1X-Related Show Commands
RADIUS server configuration
This section describes how to use the 802.1X Open VLAN mode to configure
unauthorized-client and authorized-client VLANs on ports configured as
802.1X authenticators.
Introduction
Configuring the 802.1X Open VLAN mode on a port changes how the port
responds when it detects a new client. In earlier releases, a "friendly" client
computer not running 802.1X supplicant software could not be authenticated
on a port protected by 802.1X access security. As a result, the port would
become blocked and the client could not access the network. This prevented
the client from:
Acquiring IP addressing from a DHCP server
Downloading the 802.1X supplicant software necessary for an authen
tication session
The 802.1X Open VLAN mode solves this problem by temporarily suspending
the port's static, tagged and untagged VLAN
in a designated Unauthorized-Client VLAN. In this state the client can
proceed with initialization services, such as acquiring IP addressing and
802.1X software, and starting the authentication process. Following client
authentication, the port drops its temporary (untagged) membership in the
Unauthorized-Client VLAN and joins (or rejoins) one of the following as an
untagged member:
Configuring Port-Based Access Control (802.1X)
802.1X Open VLAN Mode
memberships
and placing the port
page 8-15
page 8-35
page 8-30
page 8-38
pages 8-20
8-21
Hide quick links:
Advertisement
Table of Contents
