EasyManuals Logo
Home>HP>Switch>1920 Gigabit Ethernet Switch Series

HP 1920 Gigabit Ethernet Switch Series User Manual

HP 1920 Gigabit Ethernet Switch Series
547 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #349 background imageLoading...
Page #349 background image
336
Table 106 Relationships of the 802.1X guest VLAN and other security features
Feature Relationshi
p
descri
p
tion
MAC authentication guest VLAN on a port that
performs MAC-based access control
Only the 802.1X guest VLAN take effect. A user that
fails MAC authentication will not be assigned to the
MAC authentication guest VLAN.
802.1X Auth-Fail VLAN on a port that performs
MAC-based access control
The 802.1X Auth-Fail VLAN has a higher priority.
Port intrusion protection on a port that performs
MAC-based access control
The 802.1X guest VLAN function has higher priority
than the block MAC action, but it has lower priority
than the shutdown port action of the port intrusion
protection feature.
Configuring an Auth-Fail VLAN
Configuration prerequisites
• Create the VLAN to be specified as the 802.1X Auth-Fail VLAN.
• If the 802.1X-enabled port performs MAC-based access control, configure the port as a hybrid port,
enable MAC-based VLAN on the port, and assign the port to the Auth-Fail VLAN as an untagged
member.
Configuration guidelines
• The 802.1X Auth-Fail VLANs on different ports can be different.
• Assign different IDs to the port VLAN and the 802.1X Auth-Fail VLAN on a port, so the port can
correctly process VLAN tagged incoming traffic.
• Use Table 107 w
hen configuring multiple security features on a port.
Table 107 Relationships of the 802.1X Auth-Fail VLAN with other features
Feature Relationshi
p
descri
p
tion
MAC authentication guest VLAN on a port that
performs MAC-based access control
The 802.1X Auth-Fail VLAN has a high priority.
Port intrusion protection on a port that performs
MAC-based access control
The 802.1X Auth-Fail VLAN function has higher priority
than the block MAC action, but it has lower priority
than the shutdown port action of the port intrusion
protection feature.
802.1X configuration examples
MAC-based 802.1X configuration example
Network requirements
As shown in Figure 311, the access device performs 802.1X authentication for users that connect to port
GigabitEthernet 1/0/1. Implement MAC-based access control on the port, so the logoff of one user does
not affect other online 802.1X users. Enable periodic re-authentication of online users on the port, so that
the server can periodically update the authorization information of the users.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 1920 Gigabit Ethernet Switch Series and is the answer not in the manual?

HP 1920 Gigabit Ethernet Switch Series Specifications

General IconGeneral
BrandHP
Model1920 Gigabit Ethernet Switch Series
CategorySwitch
LanguageEnglish

Related product manuals