HP Q.11. (2510-24) Only, VLAN, Rule, Note:, Condition, Port Response, Authorized-Client, 802.1X Per-PortConfiguration, Table 8-1.802.1X Open VLAN Mode Options

Configuring Port-Based and Client-Based Access Control (802.1X)

802.1X Open VLAN Mode

Table 8-1. 802.1X Open VLAN Mode Options

Open VLAN Mode with Only an Authorized-Client VLAN Configured:

•Port automatically blocks a client that cannot initiate an authentication session.

•If the client successfully completes an authentication session, the port becomes an untagged member of this VLAN.

Note: if RADIUS authentication assigns a VLAN, the port temporarily becomes an untagged member of the RADIUS- assigned VLAN —instead of the Authorized-Client VLAN—while the client is connected.

•If the port is statically configured as a tagged member of any other VLAN, the port returns to tagged membership in this VLAN upon successful client authentication. This happens even if the RADIUS server assigns the port to another, authorized VLAN. If the port is already configured as a tagged member of a VLAN that RADIUS assigns as an authorized VLAN, then the port becomes an untagged member of that VLAN for the duration of the client connection. After the client disconnects, the port returns to tagged membership in that VLAN.

Operating Rules for Authorized-Client and

Unauthorized-Client VLANs

Static VLANs used as Authorized- These must be configured on the switch before you configure an Client or Unauthorized-ClientVLANs 802.1X authenticator port to use them. (Use the vlan < vlan-id>

command or the VLAN Menu screen in the Menu interface.)

8-31