18
HABP CONFIGURATION
Introduction to HABP With 802.1x enabled, a switch authenticates and then authorizes 802.1x-enabled
ports. Packets can be forwarded only by authorized ports. Received packets are,
therefore, filtered for ports connected to a switch that is not authenticated and
authorized by 802.1x. This means that you cannot manage the attached switches.
3Com authentication bypass protocol (HABP) is designed to address this problem.
An HABP packet carries the MAC addresses of the attached switches with it. It can
bypass the 802.1x authentications when traveling between HABP-enabled
switches, through which management devices can obtain the MAC addresses of
the attached switches and thus the management of the attached switches is
feasible.
HABP is implemented by HABP server and HABP client. Normally, an HABP server
sends HABP request packets regularly to HABP clients to collect the MAC
addresses of the attached switches. HABP clients respond to the HABP request
packets and forward the HABP request packets to lower-level switches. HABP
servers usually reside on management devices and HABP clients usually on
attached switches.
For ease of switch management, it is recommended that you enable HABP for
802.1x-enabled switches.
HABP Server
Configuration
With the HABP server launched, a management device sends HABP request
packets regularly to the attached switches to collect their MAC addresses. You
need also to configure the interval on the management device for an HABP server
to send HABP request packets.
Tab le 171 Configure an HABP server
Operation Command Remarks
Enter system view system-view -
Enable HABP habp enable Optional
By default, HABP is enabled.
Configure the current
switch to be an HABP
server
habp server vlan vlan-id Required
By default, a switch operates as an
HABP client after you enable HABP
on the switch. If you want to use
the switch as a management
switch, you need to configure the
switch to be an HABP server.
To Next Page
Loading...
