Overview; Why Use Port-Based Or Client-Based Access Control; General Features - HP ProCurve 6400cl Series Access Security Manual
Hide thumbs
Also See for ProCurve 6400cl Series:
- Management and configuration manual (508 pages) ,
- Installation and getting started manual (84 pages) ,
- Management manual (664 pages)
Table of Contents
Advertisement
Feature
Configuring Switch Ports as 802.1X Authenticators
Configuring 802.1X Open VLAN Mode
Configuring Switch Ports to Operate as 802.1X Supplicants
Displaying 802.1X Configuration, Statistics, and Counters
How 802.1X Affects VLAN Operation
RADIUS Authentication and Accounting
Overview
Why Use Port-Based or Client-Based Access Control?
Local Area Networks are often deployed in a way that allows unauthorized
clients to attach to network devices, or allows unauthorized users to get
access to unattended clients on a network. Also, the use of DHCP services and
zero configuration make access to networking services easily available. This
exposes the network to unauthorized use and malicious attacks. While access
to the network should be made easy, uncontrolled and unauthorized access
is usually not desirable. 802.1X simplifies security management by providing
access control along with the ability to control user profiles from up to three
RADIUS servers while allowing a given user to use the same username and
password pair for access from multiple points within the network.
General Features
802.1X on the switches covered by this guide includes the following:
■
Switch operation as both an authenticator (for supplicants having a point-
to-point connection to the switch) and as a supplicant for point-to-point
connections to other 802.1X-aware switches.
•
Authentication of 802.1X access using a RADIUS server and either the
EAP or CHAP protocol.
•
Provision for enabling clients that do not have 802.1 supplicant soft
ware to use the switch as a path for downloading the software and
initiating the authentication process (802.1X Open VLAN mode).
•
On the 5300xl switches (running software version E.09.xx or greater),
client-based access control with support for up to 32 authenticated
clients per-port. (All sessions must use the same VLAN, and the
session total includes any begun by the Web Authentication or MAC
Configuring Port-Based and Client-Based Access Control (802.1X)
Default
Menu
Disabled
Disabled
Disabled
n/a
n/a
Refer to chapter 6, "RADIUS Authentication and
Accounting"
CLI
Web
n/a
page 10-15
n/a
page 10-21
n/a
page 10-38
n/a
page 10-42
n/a
page 10-49
Overview
n/a
n/a
n/a
n/a
n/a
10-3
Advertisement
Table of Contents
