HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 361
Use Models for 802.1X Open VLAN Modes, Unauthorized-Client VLAN
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 361 highlights
Note Configuring Port-Based and User-Based Access Control (802.1X) 802.1X Open VLAN Mode After client authentication, the port resumes membership in any tagged VLANs for which it is configured. If the port is a tagged member of a VLAN used for 1 or 2 listed above, then it also operates as an untagged member of that VLAN while the client is connected. When the client disconnects, the port reverts to tagged membership in the VLAN. Use Models for 802.1X Open VLAN Modes You can apply the 802.1X Open VLAN mode in more than one way. Depending on your use, you will need to create one or two static VLANs on the switch for exclusive use by per-port 802.1X Open VLAN mode authentication: ■ Unauthorized-Client VLAN: Configure this VLAN when unauthenti- cated, friendly clients will need access to some services before being authenticated or instead of being authenticated. ■ Authorized-Client VLAN: Configure this VLAN for authenticated clients when the port is not statically configured as an untagged member of a VLAN you want clients to use, or when the port is statically configured as an untagged member of a VLAN you do not want clients to use. (A port can be configured as untagged on only one port-based VLAN. When an Authorized-Client VLAN is configured, it will always be untagged and will block the port from using a statically configured, untagged membership in another VLAN.) Note that after client authentication, the port returns to membership in any tagged VLANs for which it is configured. See the "Note", above. 10-31