4-12
Web and MAC Authentication
Setup Procedure for Web/MAC Authentication
■
Web- or MAC-based authentication and LACP cannot both be enabled
on the same port.
We b / M A C
A u t h e n t i c a t i o n
a n d L A C P
Web or MAC authentication and LACP are not supported at the same time on
a port. The switch automatically disables LACP on ports configured for Web
or MAC authentication.
■
Use the
show port-access web-based
commands to display session
status, port-access configuration settings, and statistics for Web-Auth
sessions.
■
When spanning tree is enabled on a switch that uses 802.1X, Web
authentication, or MAC authentication, loops may go undetected. For
example, spanning tree packets that are looped back to an edge port
will not be processed because they have a different broadcast/multi-
cast MAC address from the client-authenticated MAC address. To
ensure that client-authenticated edge ports get blocked when loops
occur, you should enable loop protection on those ports. For more
information, refer to “Loop Protection” in the chapter titled “Multiple
Instance Spanning-Tree Operation” in the
Advanced Traffic Manage-
ment Guide
for your switch.
Setup Procedure for Web/MAC
Authentication
Before You Configure Web/MAC Authentication
1.
Configure a local username and password on the switch for both the
Operator (login) and Manager (enable) access levels. (While this is not
required for a Web- or MAC-based configuration, HP recommends that
you use a local user name and password pair, at least until your other
security measures are in place, to protect the switch configuration from
unauthorized access.)
2.
Determine the switch ports that you want to configure as authenticators.
Note that before you configure Web- or MAC-based authentication on a
port operating in an LACP trunk, you must remove the port from the trunk.
(For more information, refer to the “Web/MAC Authentication and LACP”
on page 4-12.)
Содержание E3800 Series
Страница 1: ...HP Switch Software E3800 switches Software version KA 15 03 September 2011 Access Security Guide ...
Страница 2: ......
Страница 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Страница 30: ...xxviii ...
Страница 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Страница 186: ...4 72 Web and MAC Authentication Client Status ...
Страница 290: ...6 74 RADIUS Authentication Authorization and Accounting Dynamic Removal of Authentication Limits ...
Страница 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Страница 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Страница 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Страница 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Страница 659: ...14 11 Configuring and Monitoring Port Security Port Security Figure 14 5 Examples of Show Mac Address Outputs ...
Страница 730: ...20 Index ...
Страница 731: ......