- PKI applications
- Recommended configuration procedures
  - Recommended configuration procedure for manual request
  - Recommended configuration procedure for automatic request
- Creating a PKI entity
- Creating a PKI domain
- Generating an RSA key pair
- Destroying the RSA key pair
- Retrieving and displaying a certificate
- Requesting a local certificate
- Retrieving and displaying a CRL
- PKI configuration example
- Configuration guidelines

Configuring MAC authentication

- Overview
  - User account policies
  - Authentication methods
  - MAC authentication timers
- Using MAC authentication with other features
  - VLAN assignment
  - ACL assignment
  - Auth-Fail VLAN
- Configuration prerequisites
- Recommended configuration procedure
- Configuring MAC authentication globally
  - Configuring MAC authentication on a port
- MAC authentication configuration examples
  - Local MAC authentication configuration example
  - ACL assignment configuration example

Configuring port security

- Overview
  - Port security features
  - Port security modes
- Configuration guidelines
- Recommended configuration procedure
- Configuring global settings for port security
- Configuring basic port security control
- Configuring secure MAC addresses
- Configuring advanced port security control
- Configuring permitted OUIs
- Port security configuration examples
  - Basic port security mode configuration example
  - Advanced port security mode configuration example

Configuring port isolation

- Configuring the isolation group
- Port isolation configuration example

Configuring authorized IP

- Configuration procedure
- Authorized IP configuration example
  - Network requirements
  - Configuration procedure
