358
NOTE:
The network device assigns a hybrid port to an 802.1X Auth-Fail VLAN as an untagged member.
ACL assignment
You can specify an ACL for an 802.1X user to control its access to network resources. After the user
passes 802.1X authentication, the authentication server, either the local access device or a RADIUS
server, assigns the ACL to the port to filter the traffic from this user. In either case, you must configure the
ACL on the access device. You can change ACL rules while the user is online.
Configuration prerequisites
When you configure 802.1X, follow these restrictions and guidelines:
• Configure an ISP domain and AAA scheme (local or RADIUS authentication) for 802.1X users. For
more information, see "Configuring AAA"
and "Configuring RADIUS."
• If RADIUS authentication is used, create user accounts on the RADIUS server.
• If local authentication is used, create local user accounts on the access device and specify the LAN
access service for the user accounts. For more information, see "Configuring users and user
gr
oups."
Recommended configuration procedure
Ste
1. Configuring 802.1X globally
Required.
Enable 802.1X authentication globally and configure the
authentication method and advanced parameters.
By default, 802.1X authentication is disabled globally.
2. Configuring 802.1X on a port
Required.
Enable 802.1X authentication on the specified port and configure
802.1X parameters for the port.
By default, 802.1X authentication is disabled on a port.
Configuring 802.1X globally
1. From the navigation tree, select Authentication > 802.1X.
To Next Page
Loading...
Need help?
General