Configuring Switch Ports as 802.1X Authenticators . . . . . . . . . . . . . . . . . 8-15 1. Enable 802.1X Authentication on Selected Ports . . . . . . . . . . . . . . 8-15

3. Configure the 802.1X Authentication Method . . . . . . . . . . . . . . . . . 8-19

4. Enter the RADIUS Host IP Address(es) . . . . . . . . . . . . . . . . . . . . . . 8-20

5. Enable 802.1X Authentication on the Switch . . . . . . . . . . . . . . . . . 8-20

802.1X Open VLAN Mode

8-21

Introduction

8-21

Use Models for 802.1X Open VLAN Modes

8-22

Operating Rules for Authorized-Client and Unauthorized-Client VLANs

8-25

 

Setting Up and Configuring 802.1X Open VLAN Mode

8-27

802.1X Open VLAN Operating Notes

8-31

Option For Authenticator Ports: Configure Port-Security To Allow Only 802.1X Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32

Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34

Displaying 802.1X Configuration, Statistics, and Counters . . . . . . . . . . . . 8-38 Show Commands for Port-Access Authenticator . . . . . . . . . . . . . . . . 8-38 Viewing 802.1X Open VLAN Mode Status . . . . . . . . . . . . . . . . . . . . . . 8-40 Show Commands for Port-Access Supplicant . . . . . . . . . . . . . . . . . . . 8-43

How RADIUS/802.1X Authentication Affects VLAN Operation . . . . . . . . 8-44

Messages Related to 802.1X Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-48

9 Configuring and Monitoring Port Security

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Blocking Unauthorized Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3

Trunk Group Exclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4

Planning Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5

Port Security Command Options and Operation . . . . . . . . . . . . . . . . . . . . . 9-6 Retention of Static MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-10 Displaying Current Port Security Settings . . . . . . . . . . . . . . . . . . . . . . 9-10 Configuring Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12

viii

Page 10
Image 10
HP 6108, 4100gl, 2650 (J4899A/B), 2626 (J4900A/B), 2600-PWR manual Configuring and Monitoring Port Security, Viii