HP ProCurve MSM317 Installation And Getting Started Manual page 34
Access device
Hide thumbs
Also See for ProCurve MSM317:
- Installation and configuration manual (61 pages) ,
- Deployment manual (21 pages) ,
- Installation manual (4 pages)
Table of Contents
Advertisement
Configuration
Provisioning the MSM317
802.1X
Enable this option when the MSM317 Uplink port is connected to a secured switch port that
requires 802.1X authentication. Once the MSM317 is authenticated, controller discovery
proceeds as usual.
Note
If this option is enabled and the MSM317 Uplink port is connected to a unsecured switch
port, 802.1X is ignored and discovery proceeds as usual.
In this type of environment. deployment can be a challenge, since the MSM317 must already
be configured with the correct 802.1X username and password before it is connected to the
secured switch port. There are three solutions to this problem:
During MSM317 deployment, 802.1X is deactivated on the secured switch port. The
MSM317 is connected and provisioned with the correct 802.1X settings by the controller.
Once the MSM317 is synchronized, 802.1X authentication can be enabled on the secured
switch ports.
Before being deployed, the MSM317 is first connected to a controller via a non-secure
switch. The MSM317 is provisioned and synchronized with the correct 802.1X settings by
the controller. Next, the MSM317 is deployed to its final location.
Before being deployed, you could connect the MSM317 to a computer and configure the
appropriate 802.1X settings using the MSM317 provisioning interface. This solution is
effective for small deployments, but is not a realistic option for a large deployments.
Important
The secured switch port is expected to be multi-homed, so that once authentication is
successful, tagged and untagged traffic for any MAC addresses (including wireless clients)
will be accepted by the switch.
EAP method
Select the extensible authentication protocol method to use:
PEAP version 0: Authentication occurs using MS-CHAP V2.
PEAP version 1: Authentication occurs using EAP-GTC.
TTLS: The Tunneled Transport Layer Security protocol requires that the switch first
authenticate itself to the MSM317 by sending a PKI certificate. The MSM317 authenticates
itself to the secured switch port by supplying a username and password over the secure
tunnel.
Username
Username that the MSM317 will use inside the TLS tunnel.
Password / Confirm password
Password assigned to the MSM317.
Anonymous
Name used outside the TLS tunnel by all three EAP methods. If this field is blank, then the
value specified for Username is used instead.
3-6
- Quick Links:
- Introducing the Msm317 Access Device
Hide quick links:
Advertisement
Table of Contents
