Configuring Port-Based and Client-Based Access Control (802.1X)
How RADIUS/802.1X Authentication Affects VLAN Operation
Thi i
i
li
),
l show vlan 22
i
s entry shows that port A2 s temporarily untagged on
VLAN 22 for an 802.1X session. This is to accommodate
an 802.1X client’s access, authenticated by a RADIUS
server, where the server ncluded an instruction to put
the c ent’s access on VLAN 22.
Note: With the current VLAN configuration (figure 10-7
the on y time port A2 appears in this listing
s during an 802.1X session with an attached client.
Otherwise, port A2 is not listed.
Figure 10-8. The Active Configuration for VLAN 22 Temporarily Changes for the 802.1X Session
â– With the preceding in mind, since (static) VLAN 33 is configured as
untagged on port A2 (see figure
10-7), and since a port can be untagged
on only one VLAN, port A2 loses access to VLAN 33 for the duration of
the 802.1X session involving VLAN 22. You can verify the temporary loss
of access to VLAN 33 with the show vlan 33 command.
is
on (static) VLAN 33 (see
i
ith VLAN 22
Even though port A2
configured as Untagged
figure 10-7), it does not
appear in the VLAN 33
listing while the 802.1X
session is using VLAN 22
n the Untagged status.
However, after the 802.1X
session w
ends, the active
configuration returns port
A2 to VLAN 33.
Figure 10-9. The Active Configuration for VLAN 33 Temporarily Drops Port 22 for the 802.1X Session
10-51
To Next Page
Loading...
Need help?
General