HP ProCurve 5300xl Series

To Next Page

To Previous Page

8 Configuring Port-Based Access Control (802.1x)

Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2

Why Use Port-Based Access Control? . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2

General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2

How 802.1x Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Authenticator Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5

Switch-Port Supplicant Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6

Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7

General Operating Rules and Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9

General Setup Procedure for Port-Based Access Control

(802.1x) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11

Do These Steps Before You Configure 802.1x Operation . . . . . . . . . 8-11

Overview: Configuring 802.1x Authentication on the Switch . . . . . . 8-12

Configuring Switch Ports as 802.1x Authenticators . . . . . . . . . . . . 8-14

1. Enable 802.1x Authentication on Selected Ports . . . . . . . . . . . . . . 8-14

3. Configure the 802.1x Authentication Method . . . . . . . . . . . . . . . . . 8-18

4. Enter the RADIUS Host IP Address(es) . . . . . . . . . . . . . . . . . . . . . . 8-19

5. Enable 802.1x Authentication on the Switch . . . . . . . . . . . . . . . . . . 8-19

802.1x Open VLAN Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-20

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-20

Use Models for 802.1x Open VLAN Modes . . . . . . . . . . . . . . . . . . . . . 8-21

Operating Rules for Authorized-Client and Unauthorized-Client

VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-24

Setting Up and Configuring 802.1x Open VLAN Mode . . . . . . . . . . . . 8-26

802.1x Open VLAN Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-30

Option For Authenticator Ports: Configure Port-Security

To Allow Only 802.1x Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-31

Configuring Switch Ports To Operate As Supplicants for

802.1x Connections to Other Switches . . . . . . . . . . . . . . . . . . . . . . . . 8-33

Displaying 802.1x Configuration, Statistics, and Counters . . . . . . 8-37

Show Commands for Port-Access Authenticator . . . . . . . . . . . . . . . . 8-37

Viewing 802.1x Open VLAN Mode Status . . . . . . . . . . . . . . . . . . . . . . . 8-39

Show Commands for Port-Access Supplicant . . . . . . . . . . . . . . . . . . . 8-42

HP ProCurve 5300xl Series - Page 10