HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 126
Working with guest VLAN and Auth-Fail VLAN, Configuration task list, Enabling port security
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 126 highlights
This mode is similar to the macAddressOrUserLoginSecure mode except that a port in this mode supports multiple 802.1X and MAC authentication users. • macAddressElseUserLoginSecure This mode is the combination of the macAddressWithRadius and userLoginSecure modes, with MAC authentication having a higher priority as the Else keyword implies. For wired users, the port performs MAC authentication 30 seconds after receiving non-802.1X frames and performs MAC authentication and then, if the authentication fails, 802.1X authentication upon receiving 802.1X frames. • macAddressElseUserLoginSecureExt This mode is similar to the macAddressElseUserLoginSecure mode except that a port in this mode supports multiple 802.1X and MAC authentication users as the keyword Ext implies. NOTE: An OUI, as defined by the IEEE, is the first 24 bits of the MAC address, which uniquely identifies a device vendor. Working with guest VLAN and Auth-Fail VLAN An 802.1X guest VLAN is the VLAN that a user is in before initiating authentication. An 802.1X Auth-Fail VLAN is the VLAN that a user is in after failing authentication. Support for the guest VLAN and Auth-Fail VLAN features varies with security modes. You can use the 802.1X guest VLAN and 802.1X Auth-Fail VLAN features together with port security modes that support 802.1X authentication. For more information about the 802.1X guest VLAN and Auth-Fail VLAN on a port that performs MAC-based access control, see "Configuring 802.1X." Configuration task list Task Enabling port security Setting port security's limit on the number of MAC addresses on a port Setting the port security mode Configuring port security features Configuring NTK Configuring intrusion protection Enabling port security traps Configuring secure MAC addresses Ignoring authorization information Remarks Required. Optional. Required. Optional. Configure one or more features as required. Optional. Optional. Enabling port security Enabling or disabling port security resets the following security settings to the default: • 802.1X access control mode is MAC-based, and the port authorization state is auto. • Port security mode is noRestrictions. 116