Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide, Rel. 12.2(25)SEF1

ManualsBrandsHP ManualsComputer AccessoriesCisco Catalyst Blade Switch 3020 for HP c-Class BladeSystem

181

182

183

184

185

186

187

188

189

190

7-18

Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide

OL-8915-01

Chapter 7 Configuring IEEE 802.1x Port-Based Authentication

Configuring IEEE 802.1x Authentication

MAC authentication bypass interacts with the features:

• IEEE 802.1x authentication—You can enable MAC authentication bypass only if IEEE 802.1x

authentication is enabled on the port.

• Guest VLAN—If a client has an invalid MAC address identity, the switch assigns the client to a

guest VLAN if one is configured.

• Restricted VLAN—This feature is not supported when the client connected to an IEEE 802.lx port

is authenticated with MAC authentication bypass.

• Port security—See the “Using IEEE 802.1x Authentication with Port Security” section on

page 7-15.

• Voice VLAN—See the “Using IEEE 802.1x Authentication with Voice VLAN Ports” section on

page 7-15.

• VLAN Membership Policy Server (VMPS)—IEEE802.1x and VMPS are mutually exclusive.

• Private VLAN—You can assign a client to a private VLAN.

Configuring IEEE 802.1x Authentication

These sections contain this configuration information:

• Default IEEE 802.1x Authentication Configuration, page 7-19

• IEEE 802.1x Authentication Configuration Guidelines, page 7-20

• Configuring IEEE 802.1x Authentication, page 7-22 (required)

• Configuring the Switch-to-RADIUS-Server Communication, page 7-23 (required)

• Configuring the Host Mode, page 7-25 (optional)

• Configuring Periodic Re-Authentication, page 7-25 (optional)

• Manually Re-Authenticating a Client Connected to a Port, page 7-26 (optional)

• Changing the Quiet Period, page 7-26 (optional)

• Changing the Switch-to-Client Retransmission Time, page 7-27 (optional)

• Setting the Switch-to-Client Frame-Retransmission Number, page 7-28 (optional)

• Setting the Re-Authentication Number, page 7-29 (optional)

• Configuring IEEE 802.1x Accounting, page 7-29 (optional)

• Configuring a Guest VLAN, page 7-30 (optional)

• Configuring a Restricted VLAN, page 7-31 (optional)

• Configuring the Inaccessible Authentication Bypass Feature, page 7-33 (optional)

• Configuring IEEE 802.1x Authentication with WoL, page 7-35 (optional)

• Configuring MAC Authentication Bypass, page 7-36 (optional)

• “Configuring IEEE 802.1x Authentication Using a RADIUS Server” section on page 7-37 (optional)

• Disabling IEEE 802.1x Authentication on the Port, page 7-38 (optional)

• Resetting the IEEE 802.1x Authentication Configuration to the Default Values, page 7-38 (optional)