HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 356
Optional: Reset Authenticator Operation, 7. Optional: Con X Controlled Directions
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 356 highlights
Configuring Port-Based and User-Based Access Control (802.1X) Configuring Switch Ports as 802.1X Authenticators 6. Optional: Reset Authenticator Operation While 802.1X authentication is operating, you can use the following aaa portaccess authenticator commands to reset 802.1X authentication and statistics on specified ports. Syntax: aaa port-access authenticator < port-list > [initialize] On the specified ports, blocks inbound and outbound traffic and restarts the 802.1X authentication process. This happens only on ports configured with control auto and actively operating as 802.1X authenticators. [reauthenticate] On the specified ports, forces reauthentication (unless the authenticator is in "HELD" state). [clear-statistics] On the specified ports, clears authenticator statistics counters. 7. Optional: Configure 802.1X Controlled Directions After you enable 802.1X authentication on specified ports, you can use the aaa port-access controlled-directions command to configure how a port transmits traffic before it successfully authenticates a client and enters the authenticated state. As documented in the IEEE 802.1X standard, an 802.1X-aware port that is unauthenticated can control traffic in either of the following ways: ■ In both ingress and egress directions by disabling both the reception of incoming frames and transmission of outgoing frames ■ Only in the ingress direction by disabling only the reception of incoming frames. Prerequisite. As documented in the IEEE 802.1X standard, the disabling of incoming traffic and transmission of outgoing traffic on an 802.1X-aware egress port in an unauthenticated state (using the aaa port-access controlleddirections in command) is supported only if: ■ The port is configured as an edge port in the network using the spanning- tree edge-port command. 10-26