H3C S3100 Series Operation Manual page 375
H3c s3100 series ethernet switches operation manual
Hide thumbs
Also See for S3100 Series:
- Command manual (1244 pages) ,
- Installation manual (94 pages) ,
- Operation manual (32 pages)
Table of Contents
Advertisement
The 802.1x client needs to capable of detecting multiple network adapters, proxies, and IE proxies.
The CAMS server is configured to disable the use of multiple network adapters, proxies, or IE
proxies.
By default, an 802.1x client program allows use of multiple network adapters, proxies, and IE proxies. In
this case, if the CAMS server is configured to disable use of multiple network adapters, proxies, or IE
proxies, it prompts the 802.1x client to disable use of multiple network adapters, proxies, or IE proxies
through messages after the supplicant system passes the authentication.
The client-checking function needs the support of H3C's 802.1x client program.
To implement the proxy detecting function, you need to enable the function on both the 802.1x
client program and the CAMS server in addition to enabling the client version detecting function on
the switch by using the dot1x version-check command.
Checking the client version
With the 802.1x client version-checking function enabled, a switch checks the version and validity of an
802.1x client to prevent unauthorized users or users with earlier versions of 802.1x client from logging
in.
This function makes the switch to send version-requesting packets again if the 802.1x client fails to
send version-reply packet to the switch when the version-checking timer times out.
The 802.1x client version-checking function needs the support of H3C's 802.1x client program.
The Guest VLAN function
The Guest VLAN function enables supplicant systems that are not authenticated to access network
resources in a restrained way.
The Guest VLAN function enables supplicant systems that do not have 802.1x client installed to access
specific network resources. It also enables supplicant systems that are not authenticated to upgrade
their 802.1x client programs.
Depending on the VLAN assignment mode, a guest VLAN can be a port-based guest VLAN (PGV) or a
MAC-based guest VLAN (MGV). For details about VLAN assignment, refer to the AAA Operation
manual.
1)
PGV
With PGV configured on a port, if no user initiates authentication on the port in a certain period of time,
the port will be added to the guest VLAN and all users accessing the port will be authorized to access
the resources in the guest VLAN.
1-10
Advertisement
Chapters
Table of Contents
Troubleshooting
