|
| Configuring |
|
| 802.1X Open VLAN Mode |
|
|
|
Condition | Rule |
|
|
| |
IP Addressing for a Client Connected | A client can either acquire an IP address from a DHCP server or have | |
to a Port Configured for 802.x Open | a preconfigured, manual IP address before connecting to the switch. | |
VLAN Mode |
|
|
|
| |
802.1X Supplicant Software for a | A friendly client, without 802.1X supplicant software, connecting to an | |
Client Connected to a Port Configured | authenticator port must be able to download this software from the | |
for 802.1X Open VLAN Mode | ||
|
| |
Switch with a Port Configured To | When a new client is authenticated on a given port: | |
Allow Multiple | • If no other clients are authenticated on that port, then the port joins | |
Sessions | one VLAN in the following order of precedence: | |
| a. A | |
| b. | An |
| c. | A static, |
|
| untagged member. |
| d. | Any VLAN(s) to which the port is configured as a tagged |
|
| member (provided that the client can operate in that VLAN). |
| • If another client is already authenticated on the port, then the port | |
| is already assigned to a VLAN for the | |
| session, and the new client must operate in this same VLAN, | |
| regardless of other factors. (This means that a client without 802.1X | |
| client authentication software cannot access a configured, | |
| ||
| already using the port.) | |
|
| |
Note: Limitation on Using an | You can optionally enable switches to allow up to 2 clients | |
The | ||
802.1X Port Configured to Allow | configured port regardless of how many clients the port is configured | |
to support. However, all clients on the same port must operate through | ||
| the same untagged VLAN membership. This means that any client | |
| accessing a given port must be able to authenticate and operate on | |
the same VLAN as any other previously authenticated clients that are currently using the port. Thus, an