Configuring
General Setup Procedure for 802.1X Access Control
General Setup Procedure for 802.1XAccess ControlDo These Steps Before You Configure 802.1X Operation
1.Configure a local username and password on the switch for both the Operator (login) and Manager (enable) access levels. (While this may or may not be required for your 802.1X configuration, ProCurve recommends that you use a local username and password pair at least until your other security measures are in place.)
2.Determine which ports on the switch you want to operate as authentica- tors and/or supplicants, and disable LACP on these ports. (See the “Note on 802.1X and LACP” on page
3.Determine whether to use
4.Determine whether to use the optional 802.1X Open VLAN mode for clients that are not
5.For each port you want to operate as a supplicant, determine a username and password pair. You can either use the same pair for each port or use unique pairs for individual ports or subgroups of ports. (This can also be the same local username/password pair that you assign to the switch.)
6.Unless you are using only the switch’s local username and password for 802.1X authentication, configure at least one RADIUS server to authenti- cate access requests coming through the ports on the switch from external supplicants (including switch ports operating as 802.1X supplicants). You can use up to three RADIUS servers for authentication; one primary and two backups. Refer to the documentation provided with your RADIUS application.