252
Index
802.1X
AAA for RADIUS server 802.1X user, 50
access control methods (HP implementation), 71
access device as authentication initiator, 66
ACL assignment, 74
architecture, 63
authentication procedures, 66
Auth-Fail VLAN, 73
client as authentication initiator, 66
comparison of EAP relay and EAP termination
authentication modes, 67
configuration, 71, 83
configuring authentication, 83
configuring authentication trigger function, 78
configuring Auth-Fail VLAN, 82
configuring guest VLAN, 81, 86
configuring online user handshake function, 78
configuring quiet timer, 80
configuring VLAN assignment, 86
configuring with ACL assignment, 89
controlled/uncontrolled port, 63
displaying, 83
EAP over RADIUS, 65
EAP packet format, 64
EAP relay authentication, 67
EAP termination authentication, 70
EAP-Message attribute, 65
EAPOL packet format, 65
enabling, 74
enabling EAP relay, 75
enabling EAP termination, 75
enabling periodic online user re-authentication
function, 80
enabling security entry detection (ARP attack
protection), 230
fundamentals, 63
guest VLAN, 72
HP implementation, 71
initiating authentication, 66
maintaining, 83
Message-Authentication attribute, 66
packet format, 64
performing authentication (port security), 109
performing MAC-802.1X authentication (port
security), 109
port authorization status, 63
protocols, 64
setting authentication timeout timers, 77
setting maximum number of authentication request
attempts, 77
setting maximum number of concurrent users on a
port, 76
setting port authorization state, 75
specifying access control method, 76
specifying mandatory port authentication domain,
79
specifying supported domain name delimiters, 83
using authentication with other features, 71
VLAN assignment, 71
AAA
configuration, 1, 44
configuration considerations, 14
configuring for HWTACACS server Telnet user, 44
configuring for separate server Telnet user, 46