ProCurve Series 2300 and 2500 Switches Release Notes

Enhancements in Release F.05.xx
Configuring Port-Based Access Control (802.1x)
Overview
Why Use Port-Based Access Control?
Local area networks are often deployed in a way that allows unauthorized clients to attach to
network devices, or allows unauthorized users to gain access to unattended clients on the network.
In addition, DHCP services and zero configuration make access to networking services easily available.
This exposes the network to unauthorized use and malicious attacks. While access to the network
should be easy, uncontrolled and unauthorized access is usually not desirable. 802.1x provides
access control along with the ability to control user profiles from a central RADIUS server, while
allowing users access from multiple points within the network.
General Features
802.1x on the Series 2500 switches includes the following:
• Switch operation as both an authenticator (for supplicants having a point-to-point connection
  to the switch) and as a supplicant for point-to-point connections to other 802.1x-aware
  switches.
• Authentication of 802.1x clients using a RADIUS server and either the EAP or CHAP
  protocol.
• Provision for enabling clients that do not have 802.1x supplicant software to use the
  switch as a path for downloading the software and initiating the authentication process
  (802.1x Open VLAN mode).
• Supplicant implementation using CHAP authentication and independent username and
  password configuration on each port.
• Prevention of traffic flow in either direction on unauthorized ports.
• Local authentication of 802.1x clients using the switch’s local username and password (as
  an alternative to RADIUS authentication).
Feature                                                     Default    Menu   CLI       Web
Configuring Switch Ports as 802.1x Authenticators           Disabled   n/a    page 28   n/a
Configuring 802.1x Open VLAN Mode                           Disabled   n/a    page 34   n/a
Configuring Switch Ports to Operate as 802.1x Supplicants   Disabled   n/a    page 47   n/a
Displaying 802.1x Configuration, Statistics, and Counters   n/a        n/a    page 51   n/a
How 802.1x Affects VLAN Operation                           n/a        n/a    page 57   n/a
RADIUS Authentication and Accounting                        Refer to “Configuring RADIUS Authentication and Accounting” on page -97