Manually Reauthenticating All Online 802.1X Users On A Port; Sending 802.1X Protocol Packets Out Of A Port Without Vlan Tags - HP FlexNetwork 10500 Series Security Configuration Manual

Manually reauthenticating all online 802.1X users
on a port
This feature reauthenticates all online 802.1X users on a port after the dot1x re-authenticate
manual command is executed. The feature is independent of the server-assigned reauthentication
attribute and the periodic reauthentication feature.
When no server is reachable for the reauthentication, the device keeps the users online or logs off
the users, depending on the keep-online feature configuration on the port.
To manually reauthenticate all online 802.1X users on a port:
Step
1. Enter system view.
2. Enter Layer 2 Ethernet interface view.
3. Manually reauthenticate all online 802.1X
users on the port.
Sending 802.1X protocol packets out of a port
without VLAN tags
After an 802.1X user passes authentication on a port, the 802.1X server assigns authorization
attributes to the access device. If the port is assigned to a VLAN as a tagged member, the device
sends packets to the client with VLAN tags.
This feature enables the device to send 802.1X protocol packets without VLAN tags. It prevents
terminal devices connected to the port from failing 802.1X authentication because they cannot
identify VLAN tags.
This feature is not available for Ethernet ports whose link type is access.
To enable the device to send 802.1X protocol packets out of a port without VLAN tags:
Step
1. Enter system view.
2. Enter Layer 2 Ethernet
interface view.
3. Enable the device to send
802.1X protocol packets
out of the port without
VLAN tags.
Command
system-view
interface interface-type interface-number
dot1x re-authenticate manual
Command
system-view
interface interface-type
interface-number
dot1x eapol untag
92
Remarks
N/A
N/A
By default, whether the device sends
802.1X EAPOL packets out of a port
with VLAN tags depends on the port
configuration and the server-assigned
VLAN setting.