EasyManua.ls Logo

HP 5500 HI Series

HP 5500 HI Series
444 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
186
If a terminal passes 802.1X or portal authentication, no other types of authentication will be
triggered for the terminal.
If the terminal passes MAC authentication, no portal authentication can be triggered for the
terminal, but 802.1X authentication can be triggered. When the terminal passes 802.1X
authentication, the 802.1X authentication information will overwrite the MAC authentication
information for the terminal.
Using triple authentication with other features
A triple authentication enabled access port supports working with the following features.
VLAN assignment
After a terminal passes authentication, the authentication server assigns an authorized VLAN to the
access port for the access terminal. The terminal can then access the network resources in the authorized
VLAN.
Auth-Fail VLAN or MAC authentication guest VLAN
After a terminal fails authentication, the access port:
Adds the terminal to an Auth-Fail VLAN, if it uses 802.1X or portal authentication service.
Adds the terminal to a MAC authentication guest VLAN, if it uses MAC authentication service.
A terminal may undergo all three types of authentication. If it fails to pass all types of authentication, the
access port adds the terminal to the 802.1X Auth-Fail VLAN.
ACL assignment
You can specify an authorization ACL for an authenticated user to control its access to network resources.
After the user passes MAC authentication, the authentication server, either the local access device or a
RADIUS server, assigns the ACL onto the access port to filter traffic for the user.
You must configure the ACLs on the access device, whether the authentication server is the access device
or a remote AAA server.
Detection of online terminals
You can enable an online detection timer, which is configurable, to detect online portal clients.
You can enable the online handshake or periodic re-authentication function to detect online 802.1X
clients at a configurable interval.
You can enable an offline detection timer to detect online MAC authentication terminals at a
configurable interval.
For more information about the extended functions, see "Configuring 802.1X," "Configuring MAC
a
uthentication," and "Configuring portal authentication."
Configuring triple authentication
Ste
p
Command
Remarks
1. Configure 802.1X
authentication.
See "Configuring 802.1X"
Configure at least one type of
authentication.
802.1X authentication must use
2. Configure MAC authentication.
See "Configuring MAC
authentication"

Table of Contents

Other manuals for HP 5500 HI Series

Related product manuals