EasyManuals Logo

HP J9574A Access Security Guide

HP J9574A
732 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #305 background imageLoading...
Page #305 background image
7-15
Configuring RADIUS Server Support for Switch Services
Configuring and Using Dynamic (RADIUS-Assigned) Access Control Lists
Implementing the feature requires:
RADIUS authentication using the 802.1X, Web authentication, or MAC
authentication available on the switch to provide client authentica-
tion services
configuring one or more ACLs on a RADIUS server (instead of the
switch), and assigning each ACL to the username/password pair or
MAC address of the client(s) you want the ACLs to support
Using RADIUS to dynamically apply ACLs to clients on edge ports enables the
switch to filter IP traffic coming from outside the network, thus removing
unwanted IP traffic as soon as possible and helping to improve system
performance. Also, applying RADIUS-assigned ACLs to the network edge is
likely to be less complex than configuring static port and VLAN-based ACLs
in the network core to filter unwanted IP traffic that could have been filtered
at the edge.
Note A RADIUS-assigned ACL filters inbound IP traffic on a given port from the
client whose authentication triggered the ACL assignment to the port.
A RADIUS-assigned ACL can be applied regardless of whether IP traffic on
the port is already being filtered by other, static ACLs that are already assigned.
Table 7-6 lists the supported per-port ACL assignment capacity.
Table 7-6. Simultaneous ACL Activity Supported Per-Port
1
ACL Type Function IPv4 IPv6
VACL Static ACL assignment to filter inbound IP
traffic on a specific VLAN.
11
Port ACL Static ACL assignment to filter inbound IP
traffic on a specific port.
11
RADIUS-assigned ACL Dynamic ACL assignment to filter inbound IP
traffic from a specific client on a given port.
1-32
2
1-32
2
RACL (IPv4 only) static ACL assignment to filter routed IPv4
traffic entering or leaving the switch on a
specific VLAN
1 in
1 out
n/a
Connection-Rate ACL Static ACL assignment for virus-throttling on
a specific port. (Refer to chapter 3, “Virus
Throttling (Connection-Rate Filtering)” in this
manual.)
1n/a
1
Subject to resource availability on the switch. For more information, refer to the appendix titled
“Monitoring Resources” in the latest Management and Configuration Guide for your switch.
2
One per authenticated client, up to a maximum of 32 clients per-port for 802.1X, Web-Authentication,
and MAC-Authentication methods combined.

Table of Contents

Other manuals for HP J9574A

Preview: Manual
Manual36 pages
Preview: Installation And Getting Started Guide
Installation And Getting Started Guide112 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP J9574A and is the answer not in the manual?

HP J9574A Specifications

General IconGeneral
BrandHP
ModelJ9574A
CategorySwitch
LanguageEnglish

Related product manuals