5-8
Configuring Port-Based Access Control (802.1x)
Setup Procedure for Port-Based Access Control (802.1x)
Note on 802.1x
and LACP
To help maintain security, the switch does not allow 802.1x and LACP to both
be enabled at the same time on the same port. Refer to “802.1x Operating
Messages” on page 5-28
Setup Procedure for Port-Based Access
Control (802.1x)
Before You Begin
1. Configure a local username and password on the switch for both the
Operator (login) and Manager (enable) access levels. (While this may or
may not be required for your 802.1x configuration, HP recommends that
you use a local username and password pair at least until your other
security measures are in place.)
2. Determine which ports on the switch you want to operate as authentica-
tors and/or supplicants, and disable LACP on these ports. (See the “Note
on 802.1x and LACP” on page 5-8.
3. For each port you want to operate as a supplicant, determine a username
and password pair. You can either use the same pair for each port or use
unique pairs for individual ports or subgroups of ports. (This can also be
the same local username/password pair that you assign to the switch.)
4. Unless you are using only the switch’s local username and password for
802.1x authentication, configure at least one RADIUS server to authenti-
cate access requests coming through the ports on the switch from external
supplicants (including switch ports operating as 802.1x supplicants). You
can use up to three RADIUS servers for authentication; one primary and
two backups. Refer to the documentation provided with your RADIUS
application.
!FishSecurity.book Page 8 Thursday, October 10, 2002 9:19 PM
To Next Page
Loading...
