84
Enhancements
Release L.11.08 Enhancements
When the 802.1X client session on port 2 ends, the port removes the temporary untagged VLAN
membership. The static VLAN (VLAN 33) that is “permanently” configured as untagged on the
port becomes available again. Therefore, when the RADIUS-authenticated 802.1X session on
port 2 ends, VLAN 22 access on port 2 also ends, and the untagged VLAN 33 access on port 2 is
restored as shown in Figure 6.
Figure 6. The Active Configuration for VLAN 33 Restores Port 2 After the 802.1X Session Ends
Enabling the Use of GVRP-Learned Dynamic VLANs in Authentication Sessions
Syntax: aaa port-access gvrp-vlans
Enables the use of dynamic VLANs (learned through GVRP) in the temporary
untagged VLAN assigned by a RADIUS server on an authenticated port in an
802.1X, MAC, or Web authentication session.
Enter the no form of this command to disable the use of GVRP-learned VLANs in
an authentication session.
For information on how to enable a switch to dynamically create 802.1Q-
compliant VLANs, refer to the “GVRP” chapter in the Access Security Guide.
Notes:
1. If a port is assigned as a member of an untagged dynamic VLAN, the dynamic
VLAN configuration must exist at the time of authentication and GVRP for port-
access authentication must be enabled on the switch.
If the dynamic VLAN does not exist or if you have not enabled the use of a dynamic
VLAN for authentication sessions on the switch, the authentication fails.
(Continued)
When the 802.1X session on
VLAN 22 ends, the active
configuration restores
VLAN 33 on port 2.
To Next Page
Loading...
Need help?
General