HP 8200ZL 36

Command Line Interface Reference Guide	aaa

ewa-server

■[no] aaa port-access web-based ewa-server

IP address or hostname of the enhanced web authentication server on the device.

Next Available Options:

■ip-addr-- IP address of the enahced web auth server. (IP-ADDR) (p. 35)

■host-name-- Hostname of the enhanced web auth server. (ASCII-STR) (p. 35)

exec

■[no] aaa accounting exec

Usage: [no] aaa accounting exec <start-stopstop-only>


		<radius>
Description: Configure 'exec' type			of accounting.
Parameters:		Send a start record accounting notice at the
o start-stop -
		beginning and a stop record notice at the end
		of the accounting session. Do not wait for
o stop-only	-	acknowledgement.
		Send a stop record accounting notice at the end
		of the accounting session.Do not wait for
o radius	-	acknowledgement.
		Use RADIUS as the accounting protocol

Next Available Option:

■mode < start-stop stop-only > -- Specify how to initiate and terminate an accounting session.

(p. 40)

gvrp-vlans

■[no] aaa port-access gvrp-vlans

Usage: [no] aaa port-access gvrp-vlans

Description: Enables the use of dynamic VLANs (learned through GVRP) in the temporary untagged VLAN assigned by a RADIUS server on an authenticated port in an 802.1X, MAC, or Web authentication session.

Enter the no form of this command to disable the use of GVRP-learned VLANs in an authentication session.

Notes:

1. If a port is assigned as a member of an untagged dynamic VLAN, the dynamic VLAN configuration must exist at the time of authentication and GVRP for port-access

authentication must be enabled on the switch.

If the dynamic VLAN does not exist or if you have not enabled the use of a dynamic

VLAN for authentication sessions on the switch, the authentication fails.

2. After you enable dynamic VLAN assignment in an authentication session, it is recommended that you use the interface unknown-vlans command on a per-port basis

prevent denial-of-service attacks. The interface unknown-vlans command allows you to: