EasyManuals Logo
Home>HP>Switch>5120 EI Switch Series

HP 5120 EI Switch Series User Manual

HP 5120 EI Switch Series
304 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #145 background imageLoading...
Page #145 background image
135
Triple authentication supporting VLAN assignment and Auth-Fail
VLAN configuration example
Network requirement
As shown in Figure 46, the terminals are connected to a switch to access the IP network. It is required to
configure triple authentication on the Layer-2 interface of the switch which connects to the terminals, so
that a terminal passing one of the three authentication methods, 802.1X authentication, portal
authentication, and MAC authentication, can access the IP network. More specifically,
ï‚· Portal terminals request IP addresses through DHCP. They obtain IP addresses in 192.168.1.0/24
before authentication and in 3.3.3.0/24 after passing authentication.
ï‚· 802.1X terminals use IP addresses in 192.168.1.0/24 before authentication, and request IP addresses
in 3.3.3.0/24 through DHCP after passing authentication. If the terminal fails authentication, it uses
an IP address in 2.2.2.0/24.
ï‚· After passing authentication, the printer obtains the IP address 3.3.3.111/24 that is bound with its
MAC address through DHCP.
ï‚· Use the remote RADIUS server to perform authentication, authorization, and accounting and
configure the switch to send usernames carrying no ISP domain names to the RADIUS server.
ï‚· The local portal authentication server on the switch uses listening IP address 4.4.4.4. The switch
sends a default authentication page to the web user and forwards authentication data using HTTPS.
ï‚· Configure VLAN 3 as the authorized VLAN on the RADIUS server. Users passing authentication are
added to this VLAN.
ï‚· Configure VLAN 2 as the Auth-Fail VLAN on the access device. Users failing authentication are
added to this VLAN, and are allowed to access only the Update server.
Figure 46 Network diagram for triple authentication supporting VLAN assignment and Auth-Fail VLAN
IP network
RADIUS server
Switch
1.1.1.2/24
802.1X client
Printer
Web user
Update server
2.2.2.2/24
Vlan-int3
3.3.3.1
Vlan-int8
192.168.1.1/24
Vlan-int2
2.2.2.1/24
GE1/0/1
Vlan-int1
1.1.1.1
Configuration procedure

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 5120 EI Switch Series and is the answer not in the manual?

HP 5120 EI Switch Series Specifications

General IconGeneral
BrandHP
Model5120 EI Switch Series
CategorySwitch
LanguageEnglish

Related product manuals