Verifying The Configuration; With Guest Vlan And Vlan Assignment Configuration Example; Network Requirements - HP 3600 v2 Series Configuration Manual

[Device-Ethernet1/0/1] dot1x
[Device-Ethernet1/0/1] quit
# Enable MAC-based access control on the port. (Optional. MAC-based access control is the
default setting.)
[Device] dot1x port-method macbased interface ethernet 1/0/1

Verifying the configuration

Use the display dot1x interface ethernet 1/0/1 command to verify the 802.1X configuration. After an
802.1X user passes RADIUS authentication, you can use the display connection command to view the
user connection information. If the user fails RADIUS authentication, local authentication is performed.
802.1X with guest VLAN and VLAN assignment
configuration example

Network requirements

As shown in
A host is connected to port Ethernet 1/0/2 of the device and must pass 802.1X authentication to
•
access the Internet. Ethernet 1/0/2 is in VLAN 1.
Ethernet 1/0/2 implements port-based access control.
•
• Ethernet 1/0/3 is in VLAN 5 and is for accessing the Internet.
The authentication server runs RADIUS and is in VLAN 2.
•
The update server in VLAN 10 is for client software download and upgrade.
•
If no user performs 802.1X authentication on Ethernet 1/0/2 within a period of time, the device adds
Ethernet 1/0/2 to its guest VLAN, VLAN 10. The host and the update server are both in VLAN 10 and
the host can access the update server and download the 802.1X client software.
After the host passes 802.1X authentication, the network access device assigns the host to VLAN 5 where
Ethernet 1/0/3 is. The host can access the Internet.
Figure 30:
98