HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 362
Table 10-2., 1X Open VLAN Mode Options, 1X Per-Port Configuration, Port Response
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 362 highlights
Configuring Port-Based and User-Based Access Control (802.1X) 802.1X Open VLAN Mode Table 10-2. 802.1X Open VLAN Mode Options 802.1X Per-Port Configuration Port Response No Open VLAN mode: The port automatically blocks a client that cannot initiate an authentication session. Open VLAN mode with both of the following configured: Unauthorized-Client VLAN • When the port detects a client without 802.1X supplicant capability, it automatically becomes an untagged member of this VLAN. If you previously configured the port as a static, tagged member of the VLAN, membership temporarily changes to untagged while the client remains unauthenticated. • If the port already has a statically configured, untagged membership in another VLAN, then the port temporarily closes access to this other VLAN while in the Unauthorized-Client VLAN. • To limit security risks, the network services and access available on the Unauthorized-Client VLAN should include only what a client needs to enable an authentication session. If the port is statically configured as a tagged member of any other VLANs, access to these VLANs is blocked while the port is a member of the Unauthorized-Client VLAN. Note for a Port Configured To Allow Multiple Client Sessions: If any previously authenticated clients are using a port assigned to a VLAN other than the Unauthorized-Client VLAN, then a later client that is not running 802.1X supplicant software is blocked on the port until all other, authenticated clients on the port have disconnected. 10-32