Manualshelf

R211x-HP Flexfabric 11900 Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
919293949596979899100
91
The port performs 802.1X authentication upon receiving 802.1X frames, and performs OUI check
upon receiving non-802.1X frames.
NOTE:
A
n OUI is a 24-bit number that uniquely identifies a vendor, manufacturer, or or
g
anization. In MAC
addresses, the first three octets are the OUI.
Performing MAC authentication
macAddressWithRadius: A port in this mode performs MAC authentication, and services multiple users.
Performing a combination of MAC authentication and 802.1X authentication
macAddressOrUserLoginSecure
This mode is the combination of the macAddressWithRadius and userLoginSecure modes. It allows
one 802.1X authentication user and multiple MAC authentication users to log in.
The port performs MAC authentication upon receiving non-802.1X frames and performs 802.1X
authentication upon receiving 802.1X frames.
macAddressOrUserLoginSecureExt
This mode is similar to the macAddressOrUserLoginSecure mode, except that this mode supports
multiple 802.1X and MAC authentication users.
macAddressElseUserLoginSecure
This mode is the combination of the macAddressWithRadius and userLoginSecure modes, with
MAC authentication having a higher priority as the Else keyword implies. It allows one 802.1X
authentication user and multiple MAC authentication users to log in.
macAddressElseUserLoginSecureExt
This mode is similar to the macAddressElseUserLoginSecure mode except that this mode supports
multiple 802.1X and MAC authentication users as the keyword Ext implies.
Configuration task list
Tasks at a
g
lance
Remarks
(Required.) Enabling port security N/A
(Optional.) Setting port security's limit on the number of secure MAC
addresses on a port
N/A
(Required.) Setting the port security mode N/A
(Required.) Configuring port security features:
Configuring NTK
Configuring intrusion protection
Configure one or more port security
features according to the network
requirements.
(Optional.) Configuring secure MAC addresses N/A
(Optional.) Ignoring authorization information from the server N/A
(Optional.) Enabling MAC move N/A