EasyManuals Logo
Home>HP>Switch>J8697A

HP J8697A User Manual

HP J8697A
778 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #684 background imageLoading...
Page #684 background image
13-72
Configuring Port-Based and User-Based Access Control (802.1X)
How RADIUS/802.1X Authentication Affects VLAN Operation
If this temporary VLAN assignment causes the switch to disable a different
untagged static or dynamic VLAN configured on the port (as described in
the preceding bullet and in “Example of Untagged VLAN Assignment in a
RADIUS-Based Authentication Session” on page 13-72), the disabled
VLAN assignment is not advertised. When the authentication session
ends, the switch:
Removes the temporary untagged VLAN assignment and stops adver-
tising it.
Re-activates and resumes advertising the temporarily disabled,
untagged VLAN assignment.
If you modify a VLAN ID configuration on a port during an 802.1X, MAC,
or Web authentication session, the changes do not take effect until the
session ends.
When a switch port is configured with RADIUS-based authentication to
accept multiple 802.1X and/or MAC or Web authentication client sessions,
all authenticated clients must use the same port-based, untagged VLAN
membership assigned for the earliest, currently active client session.
Therefore, on a port where one or more authenticated client sessions are
already running, all such clients are on the same untagged VLAN (unless
MAC-based VLANs are enabled. Please see “MAC-Based VLANs” on
page 6-51). If a RADIUS server subsequently authenticates a new client,
but attempts to re-assign the port to a different, untagged VLAN than the
one already in use for the previously existing, authenticated client ses-
sions, the connection for the new client will fail.
Example of Untagged VLAN Assignment in a RADIUS-
Based Authentication Session
The following example shows how an untagged static VLAN is temporarily
assigned to a port for use during an 802.1X authentication session. In the
example, an 802.1X-aware client on port A2 has been authenticated by a
RADIUS server for access to VLAN 22. However, port A2 is not configured as
a member of VLAN 22 but as a member of untagged VLAN 33 as shown in
Figure 13-20.

Table of Contents

Other manuals for HP J8697A

Preview: Advanced Traffic Management Guide
Advanced Traffic Management Guide460 pages
Preview: Installation Guide
Installation Guide56 pages
Preview: Planning And Implementation Guide
Planning And Implementation Guide58 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP J8697A and is the answer not in the manual?

HP J8697A Specifications

General IconGeneral
BrandHP
ModelJ8697A
CategorySwitch
LanguageEnglish

Related product manuals