13-52
Configuring Port-Based and User-Based Access Control (802.1X)
Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches
Supplicant Port Configuration
Enabling a Switch Port as a Supplicant.
You can configure a switch port
as a supplicant for a point-to-point link to an 802.1X-aware port on another
switch.
Configure the port as a supplicant before configuring any suppli-
cant-related parameters.
Configuring a Supplicant Switch Port.
You must enable supplicant oper-
ation on a port before changing the supplicant configuration. This means you
must execute the supplicant command once without any other parameters,
then execute it again with a supplicant parameter you want to configure. If
the intended authenticator port uses RADIUS authentication, then use the
identity
and
secret
options to configure the RADIUS-expected credentials on
the supplicant port. If the intended authenticator port uses Local 802.1X
authentication, then use the
identity
and
secret
options to configure the
authenticator switch’s local username and password on the supplicant port.
Syntax:
[no] aaa port-access supplicant [ethernet] <
port-list
>
Configures a port as a supplicant with either the default supp-
licant settings or any previously configured supplicant set-
tings, whichever is most recent. The “
no
” form of the command
disables supplicant operation on the specified ports.
Syntax:
aaa port-access supplicant [ethernet] <
port-list
>
To enable supplicant operation on the designated ports,
execute this command without any other parameters.
After doing this, you can use the command again with the
following parameters to configure supplicant opertion.
(Use one instance of the command for each parameter you
want to configure The
no
form disables supplicant opera-
tion on the designated port(s).
[identity <
username
>]
Sets the username and password to pass to the authenti-
cator port when a challenge-request packet is received from
the authenticator port due to an authentication request. If
the intended authenticator port is configured for RADIUS
authentication, then
< username >
and
< password >
must
be the username and password expected by the RADIUS
server. If the intended authenticator port is configured for
Local authentication, then
< username >
and
< password >
must be the username and password configured on the
Authenticator switch. (Default: Null.)
Содержание HP ProCurve Series 6600
Страница 2: ......
Страница 6: ...iv ...
Страница 26: ...xxiv ...
Страница 102: ...2 48 Configuring Username and Password Security Password Recovery ...
Страница 204: ...4 72 Web and MAC Authentication Client Status ...
Страница 550: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Страница 612: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Страница 734: ...14 44 Configuring and Monitoring Port Security Operating Notes for Port Security ...
Страница 756: ...16 8 Key Management System Configuring Key Chain Management ...
Страница 776: ...20 Index web server proxy 14 42 webagent access 6 6 wildcard See ACL wildcard See ACL ...
Страница 777: ......