13-74
Configuring Port-Based and User-Based Access Control (802.1X)
How RADIUS/802.1X Authentication Affects VLAN Operation
Figure 13-21. The Active Configuration for VLAN 22 Temporarily Changes for the 802.1X Session
However, as shown in Figure 13-20, because VLAN 33 is configured as
untagged on port A2 and because a port can be untagged on only one VLAN,
port A2 loses access to VLAN 33 for the duration of the 802.1X session on
VLAN 22.
You can verify the temporary loss of access to VLAN 33 by entering the show
vlan 33 command as shown in Figure 13-22.
HP Switch(config)# show vlan 22
Status and Counters - VLAN Information - VLAN 22
VLAN ID : 22
Name : vlan 22
Status : Static
Voice : No
Jumbo : No
Port Information Mode Unknown VLAN Status
---------------- -------- ------------ ----------
A1 Tagged Learn Up
A2 802.1X Learn Up
A4 Tagged Learn Up
.
.
.
Overriden Port VLAN configuration
Port Mode
---- ----------
A2 No
This entry shows that port A2 is temporarily untagged on
VLAN 22 for an 802.1X session. This is to accommodate
an 802.1X client’s access, authenticated by a RADIUS
server, where the server included an instruction to put
the client’s access on VLAN 22.
Note: With the current VLAN configuration (figure 13-20),
the only time port A2 appears in this show vlan 22 listing
is during an 802.1X session with an attached client.
Otherwise, port A2 is not listed.
To Next Page
Loading...
Need help?
General