HP MSR1003-8 AC Router : R2511-HP MSR Router Series Security Configuration Guide(V5) : Page 5

iii

802.1X guest VLAN and VLAN assignment configuration example ······································································ 105

Network requirements ········································································································································· 105

Configuration procedure ···································································································································· 106

Verifying the configuration ································································································································· 107

802.1X with ACL assignment configuration example ····························································································· 108

Network requirements ········································································································································· 108

Configuration procedure ···································································································································· 108

Verifying the configuration ································································································································· 109

Configuring EAD fast deployment ························································································································· 110

Overview ······································································································································································· 110

Free IP ··································································································································································· 110

URL redirection ····················································································································································· 110

Configuration prerequisites ········································································································································· 110

Configuring a free IP ··················································································································································· 111

Configuring the redirect URL ······································································································································· 111

Setting the EAD rule timer ··········································································································································· 111

Displaying and maintaining EAD fast deployment ··································································································· 112

EAD fast deployment configuration example ············································································································ 112

Network requirements ········································································································································· 112

Configuration procedure ···································································································································· 113

Verifying the configuration ································································································································· 113

Troubleshooting EAD fast deployment ······················································································································· 114

Web browser users cannot be correctly redirected ························································································ 114

Configuring MAC authentication ··························································································································· 115

Overview ······································································································································································· 115

User account policies ·········································································································································· 115

Authentication methods······································································································································· 115

MAC authentication timers ································································································································· 116

Using MAC authentication with other features ········································································································· 116

VLAN assignment ················································································································································ 116

ACL assignment ··················································································································································· 116

Configuration task list ·················································································································································· 117

Basic configuration for MAC authentication ············································································································· 117

Configuring MAC authentication globally ········································································································ 117

Configuring MAC authentication on a port ····································································································· 118

Specifying a MAC authentication domain ················································································································ 118

Configuring MAC authentication delay ····················································································································· 119

Displaying and maintaining MAC authentication ···································································································· 119

MAC authentication configuration examples ············································································································ 120

Local MAC authentication configuration example··························································································· 120

RADIUS-based MAC authentication configuration example··········································································· 121

ACL assignment configuration example············································································································ 123

Configuring port security ········································································································································ 126

Overview ······································································································································································· 126

Port security features ··········································································································································· 126

Port security modes ············································································································································· 127

Support for WLAN ·············································································································································· 129

Working with guest VLAN and Auth-Fail VLAN ······························································································ 130

Configuration task list ·················································································································································· 130

Enabling port security ·················································································································································· 131

Setting port security's limit on the number of MAC addresses on a port······························································· 131

Setting the port security mode ···································································································································· 132

Configuration prerequisites ································································································································ 132