98
Configuration prerequisites
• Create the VLAN to be specified as the 802.1X guest VLAN.
• If the 802.1X-enabled port performs port-based access control, enable 802.1X multicast trigger.
Configuration procedure
To configure an 802.1X guest VLAN:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure an 802.1X
guest VLAN for one or
more ports in system
view or Ethernet
interface view.
• In system view:
dot1x guest-vlan guest-vlan-id
[ interface interface-list ]
• In Ethernet interface view:
a. interface interface-type
interface-number
b. dot1x guest-vlan guest-vlan-id
By default, no 802.1X guest
VLAN is configured on any
port.
Configuring an Auth-Fail VLAN
Configuration guidelines
Follow these guidelines when configuring an 802.1X Auth-Fail VLAN:
• 802.1X Auth-Fail VLAN is not supported on a port that performs MAC-based access control.
• Assign different IDs to the voice VLAN, the port VLAN, and the 802.1X Auth-Fail VLAN on a port,
so the port can correctly process VLAN tagged incoming traffic.
• You can configure only one 802.1X Auth-Fail VLAN on a port. The 802.1X Auth-Fail VLANs on
different ports can be different.
• You cannot specify a VLAN as both a super VLAN and an 802.1X Auth-Fail VLAN. For more
information about super VLAN, see HPE FlexNetwork MSR Router Series Comware 5 Layer
2—LAN Switching Configuration Guide.
Configuration prerequisites
• Create the VLAN to be specified as the 802.1X Auth-Fail VLAN.
• If the 802.1X-enabled port performs port-based access control, enable 802.1X multicast trigger.
• If the 802.1X-enabled port performs MAC-based access control, configure the port as a hybrid
port, enable MAC-based VLAN on the port, and assign the port to the Auth-Fail VLAN as an
untagged member. For more information about the MAC-based VLAN function, see HPE
FlexNetwork MSR Router Series Comware 5 Layer 2—LAN Switching Configuration Guide.
Configuration procedure
To configure an Auth-Fail VLAN:
To Next Page
Loading...
Need help?
General
