EasyManuals Logo

HPE FlexFabric 5940 SERIES User Manual

HPE FlexFabric 5940 SERIES
571 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #108 background imageLoading...
Page #108 background image
95
Step Command Remarks
2. Enter Ethernet interface
view.
interface
interface-type
interface-number
N/A
3. Manually reauthenticate all
online 802.1X users on the
port.
dot1x re-authenticate manual
The device immediately
reauthenticates all online 802.1X
users on the port after you
execute this command.
Enabling the keep-online feature
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter Ethernet interface
view.
interface
interface-type
interface-number
N/A
3. Enable the keep-online
feature for 802.1X users.
dot1x re-authenticate
server-unreachable
keep-online
By default, this feature is disabled.
The device logs off online 802.1X
users if no authentication server is
reachable for 802.1X
reauthentication, either manually
or periodically.
Use the keep-online feature
according to the actual network
condition.
In a fast-recovery network, you
can use the keep-online feature to
prevent 802.1X users from
coming online and going offline
frequently.
Configuring an 802.1X guest VLAN
Configuration guidelines
When you configure an 802.1X guest VLAN, follow these guidelines:
• You can configure only one 802.1X guest VLAN on a port. The 802.1X guest VLANs on different
ports can be different.
• Assign different IDs to the voice VLAN, the port VLAN, and the 802.1X guest VLAN on a port.
The assignment makes sure the port can correctly process incoming VLAN-tagged traffic.
• When you configure multiple security features on a port, follow the guidelines in Table 8.
Table 8
Relationships of the 802.1X guest VLAN and other security features
Feature Relationship description Reference
Super VLAN
You cannot specify a VLAN as both a super
VLAN and an 802.1X guest VLAN.
See Layer 2—LAN
Switching Configuration
Guide.
802.1X Auth-Fail VLAN
on a port that performs
MAC-based access
control
The 802.1X Auth-Fail VLAN has a higher
priority than the 802.1X guest VLAN.
See "802.1X VLAN
mani
pulation."

Table of Contents

Other manuals for HPE FlexFabric 5940 SERIES

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexFabric 5940 SERIES and is the answer not in the manual?

HPE FlexFabric 5940 SERIES Specifications

General IconGeneral
BrandHPE
ModelFlexFabric 5940 SERIES
CategorySwitch
LanguageEnglish

Related product manuals