HPE FlexFabric 5940 SERIES

To Next Page

To Previous Page

Configuring 802.1X ······················································································· 79

Access control methods ··································································································································· 79

802.1X VLAN manipulation ······························································································································ 79

Authorization VLAN ·································································································································· 79

Guest VLAN ············································································································································· 81

Auth-Fail VLAN ········································································································································ 82

Critical VLAN ············································································································································ 83

Critical voice VLAN ·································································································································· 85

Using 802.1X authentication with other features ····························································································· 86

ACL assignment ······································································································································· 86

User profile assignment ··························································································································· 86

EAD assistant ··········································································································································· 86

Redirect URL assignment ························································································································ 87

Configuration prerequisites ······························································································································ 87

802.1X configuration task list ··························································································································· 87

Enabling 802.1X ··············································································································································· 88

Enabling EAP relay or EAP termination ··········································································································· 88

Setting the port authorization state ·················································································································· 89

Specifying an access control method ·············································································································· 89

Setting the maximum number of concurrent 802.1X users on a port ······························································· 90

Setting the maximum number of authentication request attempts ··································································· 90

Setting the 802.1X authentication timeout timers ···························································································· 90

Configuring online user handshake ················································································································· 91

Configuration guidelines ··························································································································· 91

Configuration procedure ··························································································································· 91

Configuring the authentication trigger feature ·································································································· 92

Configuration guidelines ··························································································································· 92

Configuration procedure ··························································································································· 92

Specifying a mandatory authentication domain on a port ················································································ 92

Setting the quiet timer ······································································································································ 93

Configuring 802.1X reauthentication ················································································································ 93

Overview ·················································································································································· 93

Configuration restrictions and guidelines ································································································· 94

Configuring 802.1X periodic reauthentication ·························································································· 94

Configuring 802.1X manual reauthentication ··························································································· 94

Enabling the keep-online feature ············································································································· 95

Configuring an 802.1X guest VLAN ················································································································· 95

Configuration guidelines ··························································································································· 95

Configuration prerequisites ······················································································································ 96

Configuration procedure ··························································································································· 96

Enabling 802.1X guest VLAN assignment delay ····························································································· 96

Configuring an 802.1X Auth-Fail VLAN ··········································································································· 97

Configuration guidelines ··························································································································· 97

Configuration prerequisites ······················································································································ 97

Configuration procedure ··························································································································· 98

Configuring an 802.1X critical VLAN ················································································································ 98

Configuration guidelines ··························································································································· 98

Configuration prerequisites ······················································································································ 98

Enabling the 802.1X critical voice VLAN ·········································································································· 99

Configuration restrictions and guidelines ································································································· 99

Configuration prerequisites ······················································································································ 99

Configuration procedure ··························································································································· 99

Specifying supported domain name delimiters ································································································ 99

Enabling 802.1X user IP freezing ·················································································································· 100

Sending 802.1X protocol packets out of a port without VLAN tags ······························································· 100

Setting the maximum number of 802.1X authentication attempts for MAC authenticated users ··················· 101

Configuring the EAD assistant feature ··········································································································· 101

Displaying and maintaining 802.1X ················································································································ 102

802.1X authentication configuration examples ······························································································ 102

Basic 802.1X authentication configuration example ·············································································· 102