88
Authentication status VLAN manipulation
A user in the Auth-Fail VLAN
passes 802.1X authentication
Re-maps the MAC address of the user to the server-assigned VLAN.
If the authentication server assigns no VLAN, re-maps the MAC address of the
user to the initial default VLAN on the port.
NOTE:
• To perform the 802.1X Auth-Fail VLAN function on a port that performs MAC-based access control, you
must make sure that the port is a hybrid port, and enable MAC-based VLAN on the port.
• The network device assigns a hybrid port to an 802.1X Auth-Fail VLAN as an untagged member.
• For more information about VLAN configuration and MAC-based VLAN, see
Layer 2—LAN Switchin
Configuration Guide
.
ACL assignment
You can specify an ACL for an 802.1X user to control its access to network resources. After the user
passes 802.1X authentication, the authentication server, either the local access device or a RADIUS
server, assigns the ACL to the port to filter the traffic from this user. In either case, you must configure the
ACL on the access device. You can change ACL rules while the user is online.
Configuring 802.1X
Configuration prerequisites
• Configure an ISP domain and AAA scheme (local or RADIUS authentication) for 802.1X users.
• If RADIUS authentication is used, create user accounts on the RADIUS server.
• If local authentication is used, create local user accounts on the access device and set the service
type to lan-access.
802.1X configuration task list
Complete the following tasks to configure 802.1X:
Task Remarks
Enabling 802.1X Required
Enabling EAP relay or EAP termination Optional
Setting the port authorization state Optional
Specifying an access control method Optional
Setting the maximum number of concurrent 802.1X users on a port Optional
Setting the maximum number of authentication request attempts Optional
Setting the 802.1X authentication timeout timers Optional
Configuring the online user handshake function Optional
Configuring the authentication trigger function Optional
To Next Page
Loading...
Need help?
General