13-25
Configuring Port-Based and User-Based Access Control (802.1X)
Configuring Switch Ports as 802.1X Authenticators
For example, to enable the switch to perform 802.1X authentication using one
or more EAP-capable RADIUS servers:
Figure 13-6. Example of 802.1X (Port-Access) Authentication
4. Enter the RADIUS Host IP Address(es)
If you select either eap-radius or chap-radius for the authentication method,
configure the switch to use 1, 2, or 3 RADIUS servers for authentication. The
following syntax shows the basic commands. For coverage of all commands
related to RADIUS server configuration, refer to chapter 6, “RADIUS Authen-
tication, Authorization, and Accounting”.
HP Switch(config)# aaa authentication port-access eap-radius
HP Switch(config)# show authentication
Status and Counters - Authentication Information
Login Attempts : 3
Respect Privilege : Disabled
| Login Login Login
Access Task | Primary Server Group Secondary
----------- + ---------- ------------ ----------
Console | Local None
Telnet | Local None
Port-Access | EapRadius
Webui | Local None
SSH | Local None
Web-Auth | ChapRadius None
MAC-Auth | ChapRadius None
| Enable Enable Enable
Access Task | Primary Server Group Secondary
----------- + ---------- ------------ ----------
Console | Local None
Telnet | Local None
Webui | Local None
SSH | Local None
802.1X (Port-Access)
configured for EAP-
RADIUS authentication.
Syntax: radius host < ip-address > [oobm]
Adds a server to the RADIUS configuration.
For switches that have a separate out-of-band manage-
ment port, the oobm parameter specifies that the
RADIUS traffic will go through the out-of-band man-
agement (OOBM) port.
To Next Page
Loading...
Need help?
General
