![](/images/backgrounds/285815/hp-4100gl-users-manual-549937160x1.png)
Configuring
802.1x Open VLAN Mode
Setting Up and Configuring 802.1x Open VLAN Mode
Preparation. This section assumes use of both the
Before you configure the 802.1x Open VLAN mode on a port:
■Statically configure an
Caution | Do not allow any port memberships or network services on this VLAN that |
| would pose a security risk if exposed to an unauthorized client. |
|
|
■Statically configure an
only ports that should belong to this VLAN are ports offering services and access you want available to authenticated clients. 802.1x authen-
ticator ports do not have to be members of this VLAN.
Note that if an 802.1x authenticator port is an untagged member of another VLAN, the port’s access to that other VLAN will be temporarily removed while an authenticated client is connected to the port. For example, if:
i.Port A5 is an untagged member of VLAN 1 (the default VLAN).
ii.You configure port A5 as an 802.1x authenticator port.
iii.You configure port A5 to use an
Then, if a client connects to port A5 and is authenticated, port A5 becomes an untagged member of the
■If you expect friendly clients to connect without having 802.1x suppli- cant software running, provide a server on the
■A client must either have a valid IP address configured before connecting to the switch, or download one through the Unauthorized- Client VLAN from a DHCP server. In the latter case, you will need to provide DHCP services on the
■Ensure that the switch is connected to a RADIUS server configured to support authentication requests from clients using ports config-
ured as 802.1x authenticators. (The RADIUS server should not be on the