Manualshelf

WESM zl Management and Configuration Guide Supplement 2007-09

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
21222324252627282930
17
Using zl Switch Features for the Module
LLDP Auto-Provisioning. By default, LLDP is enabled on the switch and all
switch ports. The following command enables auto-provisioning. For
auto-provisioning to operate, it must be in an enabled state.
ProCurve (Config)# lldp auto-provision radio-ports
The no form of this command disables auto-provisioning.
Automatic RP VLAN Operation Using RADIUS-Assigned
VLANs
Using 802.1X RADIUS-assigned VLANs, an authenticated radio port may be
automatically assigned to a designated radio port VLAN. Any PoE-enabled
switch port configured as an 802.1X authenticator may be used to connect an
authenticated radio port. Using authentication, only authorized radio ports
can provide wireless services to the network.
Radio ports use a supplicant-initiated, MD5-based 802.1X authentication
scheme. A global username and password (default values are admin and
procurve respectively) may be configured for all adopted radio ports. With a
RADIUS server configured to assign authenticated radio ports to a radio port
VLAN, radio ports may be connected to switch ports configured as 802.1X
authenticators and begin communicating with the wireless services-enabled
switch.
802.1X must be configure in port-based mode (the default mode) rather than
client-based mode, if that option is available. Client-based mode allows
multiple clients (1-32) on the same port, but only when they individually
authenticate themselves. Radio ports will not be adopted if 802.1X is
configured on a port in the client-based mode.
ProCurve Identity Driven Management can be used to configure and manage
policies that allow a RADIUS server to assign VLANs, as well as ACLs and rate
limits to authenticated clients. Alternately, VLAN assignment can be
configured directly on the RADIUS server.
Manually Configuring RP VLAN Operation
You can manually configure static VLANs to provide communication between
the wireless services-enabled switch and a radio port, as well as
communication to the wired network (uplink network ports). You may
configure as many uplink VLANs and radio port VLANs as your network
requires, provided that these VLANs only include the Modules internal uplink
or downlink port as tagged members.