HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 357
Wake-on-LAN Traffic, Operating Notes, controlled-direction
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 357 highlights
Note Configuring Port-Based and User-Based Access Control (802.1X) Configuring Switch Ports as 802.1X Authenticators ■ The 802.1s Multiple Spanning Tree Protocol (MSTP) or 802.1w Rapid Spanning Tree Protocol (RSTP) is enabled on the switch. MSTP and RSTP improve resource utilization while maintaining a loop-free network. For information on how to configure the prerequisites for using the aaa portaccess controlled-directions in command, see Chapter 4, "Multiple Instance Spanning-Tree Operation" in the Advanced Traffic Management Guide. Syntax: aaa port-access controlled-directions both (default): Incoming and outgoing traffic is blocked on an 802.1X-aware port before authentication occurs. in: Incoming traffic is blocked on an 802.1X-aware port before authentication occurs. Outgoing traffic with unknown destination addresses is flooded on unauthenticated 802.1X-aware ports. Wake-on-LAN Traffic The Wake-on-LAN feature is used by network administrators to remotely power on a sleeping workstation (for example, during early morning hours to perform routine maintenance operations, such as patch management and software updates). The aaa port-access controlled-direction in command allows Wake-on-LAN traffic to be transmitted on an 802.1X-aware egress port that has not yet transitioned to the 802.1X authenticated state; the controlled-direction both setting prevents Wake-on-LAN traffic to be transmitted on an 802.1X-aware egress port until authentication occurs. Although the controlled-direction in setting allows Wake-on-LAN traffic to traverse the switch through unauthenticated 802.1X-aware egress ports, it does not guarantee that the Wake-on-LAN packets will arrive at their destination. For example, firewall rules on other network devices and VLAN rules may prevent these packets from traversing the network. Operating Notes ■ Using the aaa port-access controlled-directions in command, you can enable the transmission of Wake-on-LAN traffic on unauthenticated egress ports that are configured for any of the following port-based security features: • 802.1X authentication • MAC authentication • Web authentication 10-27