Configuring Port-Based and Client-Based Access Control (802.1X)
802.1X Open VLAN Mode
Table 10-2. 802.1X Open VLAN Mode Options
802.1X Per-Port Configuration
Port Response
No Open VLAN mode:
The port automatically blocks a client that cannot initiate an
authentication session.
Open VLAN mode with
both
of the following configured:
Unauthorized-Client VLAN
•
•
•
When the port detects a client without 802.1X supplicant
capability, it automatically becomes an untagged member of this
VLAN. If you previously configured the port as a static, tagged
member of the VLAN, membership temporarily changes to
untagged while the client remains unauthenticated.
If the port already has a statically configured, untagged
membership in another VLAN, then the port temporarily closes
access to this other VLAN while in the Unauthorized-Client VLAN.
To limit security risks, the network services and access available
on the Unauthorized-Client VLAN should include only what a client
needs to enable an authentication session. If the port is statically
configured as a tagged member of any other VLANs, access to
these VLANs is blocked while the port is a member of the
Unauthorized-Client VLAN.
Note for a Port Configured To Allow Multiple Client Sessions:
If any
previously authenticated clients are using a port assigned to a VLAN
other than the Unauthorized-Client VLAN, then a later client that is
not running 802.1X supplicant software is blocked on the port until all
other, authenticated clients on the port have disconnected.
10-27
Summary of Contents for J8697A
Page 1: ...6200yl Access Security Guide 5400zl 3500yl ProCurve Switches K 11 XX www procurve com ...
Page 2: ......
Page 22: ...Product Documentation Feature Index xx ...
Page 55: ...Configuring Username and Password Security Front Panel Security 2 21 ...
Page 56: ...Configuring Username and Password Security Front Panel Security 2 22 ...
Page 58: ...Virus Throttling Contents Operating Notes 3 30 Connection Rate Log and Trap Messages 3 31 3 2 ...
Page 88: ...Virus Throttling Connection Rate Log and Trap Messages This page is intentionally unused 3 32 ...
Page 118: ...Web and MAC Authentication Client Status This page intentionally unused 4 30 ...
Page 356: ...Configuring and Monitoring Port Security Operating Notes for Port Security 11 44 ...
Page 370: ...Using Authorized IP Managers Operating Notes This page is intentionally unused 12 14 ...
Page 388: ...10 Index ...
Page 389: ......