EasyManua.ls Logo

HP J8693A

HP J8693A
778 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
13-5
Configuring Port-Based and User-Based Access Control (802.1X)
Terminology
Terminology
802.1X-Aware: Refers to a device that is running either 802.1X authenticator
software or 802.1X client software and is capable of interacting with other
devices on the basis of the IEEE 802.1X standard.
Authorized-Client VLAN: Like the Unauthorized-Client VLAN, this is a
conventional, static VLAN previously configured on the switch by the
System Administrator. The intent in using this VLAN is to provide authen-
ticated clients with network services that are not available on either the
port’s statically configured VLAN memberships or any VLAN member-
ships that may be assigned during the RADIUS authentication process.
While an 802.1X port is a member of this VLAN, the port is untagged. When
a port loses its authenticated client connection, it drops its membership
in this VLAN. Note that with multiple clients on a port, all such clients use
the same untagged, port-based VLAN membership (unless MAC-based
VLANs are enabled. Please see “MAC-Based VLANs” on page 6-51).
Authentication Server: The entity providing an authentication service to
the switch when the switch is configured to operate as an authenticator.
In the case of a switch running 802.1X, this is a RADIUS server (unless
local authentication is used, in which case the switch performs this
function using its own username and password for authenticating a
supplicant).
Authenticator: In HP applications, a switch that requires a supplicant to
provide the proper credentials before being allowed access to the net-
work.
CHAP (MD5): Challenge Handshake Authentication Protocol.
Client: In this application, an end-node device such as a management station,
workstation, or mobile PC linked to the switch through a point-to-point
LAN link.
User-Based Authentication: The 802.1X extension in the switches covered
in this guide. In this operation, multiple clients on the same port must
individually authenticate themselves.
Guest VLAN: See “Unauthorized-Client VLAN”.
EAP (Extensible Authentication Protocol): EAP enables network access that
supports multiple authentication methods.

Table of Contents

Other manuals for HP J8693A

Related product manuals