1. Assigning Local Operator and Manager Passwords . . . . . . . . . . . . . 4-9
2. Generating the Switch’s Public and Private Key Pair . . . . . . . . . . 4-10
3. Providing the Switch’s Public Key to Clients . . . . . . . . . . . . . . . . . . 4-12
4. Enabling SSH on the Switch and Anticipating SSH Client Contact Behavior . . . . . . . . . . 4-15
5. Configuring the Switch for SSH Authentication . . . . . . . . . . . . . . . 4-18
6. Use an SSH Client To Access the Switch . . . . . . . . . . . . . . . . . . . . . 4-21
More Information on SSH Client Public-Key Authentication . . . . 4-21
Messages Related to SSH Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26
5 Configuring Port-Based Access Control (802.1x)
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
Why Use Port-Based Access Control? . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
General Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
How 802.1x Operates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Authenticator Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Switch-Port Supplicant Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
General Operating Rules and Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
Setup Procedure for Port-Based Access Control (802.1x) . . . . . . . 5-8
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8
Overview: Configuring 802.1x Authentication on the Switch . . . . . . . 5-9
Configuring Switch Ports as 802.1x Authenticators . . . . . . . . . . . . 5-10
1. Disable LACP on the Ports Selected for 802.1x Access . . . . . . . . . 5-10
2. Enable 802.1x Authentication on Selected Ports . . . . . . . . . . . . . . 5-11
3. Configure the 802.1x Authentication Method . . . . . . . . . . . . . . . . . 5-13
4. Enter the RADIUS Host IP Address(es) . . . . . . . . . . . . . . . . . . . . . . 5-14
5. Optional: For Authenticator Ports, Configure Port-Security To Allow Only 802.1x Devices . . . . . . . . . . 5-15
6. Enable 802.1x Authentication on the Switch . . . . . . . . . . . . . . . . . . 5-16
Configuring Switch Ports To Operate As Supplicants for 802.1x Connections to Other Switches . . . . . . . . . . 5-17
!FishSecurity.book Page vi Thursday, October 10, 2002 9:19 PM