Configuring Port-Based and User-Based Access Control (802.1X)

Configuring Switch Ports as 802.1X Authenticators

Because a port can be configured for more than one type of authentication to protect the switch from unauthorized access, the last setting you configure with the aaa port-access controlled-directions command is applied to all authentication methods configured on the switch.

For information about how to configure and use MAC and Web authentication, refer to chapter 3, “Web and MAC Authentication”.

To display the currently configured 802.1X Controlled Directions value, enter the show port-access authenticator config command as shown in Figure 10-11.

When an 802.1X-authenticated port is configured with the controlled- directions in setting, eavesdrop prevention is not supported on the port.

Example: Configuring 802.1X Controlled Directions

The following example shows how to enable the transmission of Wake-on- LAN traffic in the egress direction on an 802.1X-aware port before it transitions to the 802.1X authenticated state and successfully authenticates a client device.

ProCurve(config)# aaa port-access authenticator a10 ProCurve(config)# aaa authentication port-access eap-radius ProCurve(config)# aaa port-access authenticator active ProCurve(config)# aaa port-access a10 controlled-directions in

Figure 10-7. Example of Configuring 802.1X Controlled Directions

10-28