ii
EAP termination ····················································································································································· 66
Configuring 802.1X ·················································································································································· 68
HP implementation of 802.1X ······································································································································ 68
Configuration prerequisites ··········································································································································· 68
802.1X configuration task list······································································································································· 68
Enabling 802.1X···························································································································································· 69
Enabling EAP relay or EAP termination ······················································································································· 69
Setting the port authorization state ······························································································································ 70
Specifying an access control method ·························································································································· 70
Setting the maximum number of concurrent 802.1X users on a port······································································· 70
Setting the maximum number of authentication request attempts ············································································· 71
Setting the 802.1X authentication timeout timers ······································································································· 71
Configuring the online user handshake function ········································································································ 72
Configuring the authentication trigger function ·········································································································· 72
Configuration guidelines ······································································································································ 73
Configuration procedure ······································································································································ 73
Specifying a mandatory authentication domain on a port························································································ 73
Configuring the quiet timer ··········································································································································· 74
Enabling the periodic online user re-authentication function····················································································· 74
Displaying and maintaining 802.1X ··························································································································· 75
802.1X authentication configuration example ··········································································································· 75
Network requirements··········································································································································· 75
Configuration procedure ······································································································································ 75
Verifying the configuration ··································································································································· 77
Configuring MAC authentication ······························································································································ 78
Overview········································································································································································· 78
User account policies ············································································································································ 78
Authentication methods········································································································································· 78
Configuration prerequisites ··········································································································································· 79
Configuration task list ···················································································································································· 79
Enabling MAC authentication ······································································································································ 79
Specifying a MAC authentication domain ·················································································································· 80
Configuring the user account format···························································································································· 80
Configuring MAC authentication timers ······················································································································ 81
Setting the maximum number of concurrent MAC authentication users on a port·················································· 81
Displaying and maintaining MAC authentication ······································································································ 82
Local MAC authentication configuration example ····································································································· 82
Network requirements··········································································································································· 82
Configuration procedure ······································································································································ 82
Verifying the configuration ··································································································································· 83
RADIUS-based MAC authentication configuration example ····················································································· 84
Network requirements··········································································································································· 84
Configuration procedure ······································································································································ 84
Verifying the configuration ··································································································································· 85
Configuring port security ··········································································································································· 87
Overview········································································································································································· 87
Port security features ············································································································································· 87
Port security modes ··············································································································································· 87
Configuration task list ···················································································································································· 90
Enabling port security ···················································································································································· 90
Setting port security's limit on the number of secure MAC addresses on a port ···················································· 91
Setting the port security mode ······································································································································ 91
Configuring port security features ································································································································ 92