HP 1920-24G-PoE+ Bedienungsanleitung Seite 334
- Seite / 547
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
321
Configuring 802.1X
802.1X overview
802.1X is a port-based network access control protocol initially proposed by the IEEE 802 LAN/WAN
committee for the security of WLANs. It has been widely used on Ethernet for access control.
802.1X controls network access by authenticating the devices connected to 802.1X-enabled LAN ports.
This chapter describes how to configure 802.1X on an HP device. You can also configure the port security
feature to perform 802.1X. Port security combines and extends 802.1X and MAC authentication. It
applies to a network (for example, a WLAN) that requires different authentication methods for different
users on a port. For more information, see "Configuring port security."
802.1X architecture
802.1X operates in the client/server model. It comprises three entities: the client (the supplicant), the
network access device (the authenticator), and the authentication server.
Figure 298 802.1X architecture
• Client—A user terminal seeking access to the LAN. It must have 802.1X software to authenticate to
the network access device.
• Network access device—Authenticates the client to control access to the LAN. In a typical 802.1X
environment, the network access device uses an authentication server to perform authentication.
• Authentication server—Provides authentication services for the network access device. The
authentication server authenticates 802.1X clients by using the data sent from the network access
device, and returns the authentication results to the network access device to make access decisions.
The authentication server is typically a RADIUS server. In a small LAN, you can also use the network
access device as the authentication server.
Access control methods
HP implements port-based access control as defined in the 802.1X protocol, and extends the protocol to
support MAC-based access control.
• Port-based access control—Once an 802.1X user passes authentication on a port, any subsequent
user can access the network through the port without authentication. When the authenticated user
logs off, all other users are logged off.
- User Guide 1
- Contents 3
- Overview 14
- Restrictions and guidelines 15
- 3. Click Custom Level 16
- Web interface 20
- Web user level 21
- Web-based NM functions 21
- Buttons and icons 29
- Page display function 29
- Search function 30
- Sort function 32
- Getting started with the CLI 33
- Setting terminal parameters 34
- CLI commands 37
- <Sysname> initialize 38
- [Y/N]:y 38
- Please wait 38
- <Sysname> ipsetup dhcp 38
- <Sysname> password 39
- Examples 41
- Parameters 41
- Description 41
- # Reboot the switch 46
- Configuration wizard 47
- Configuring stack 52
- Configuring stack ports 54
- Stack configuration example 56
- Setting the refresh period 61
- Configuring system name 63
- 4. Click Apply 64
- Maintaining devices 65
- Device reboot 66
- Electronic label 67
- Diagnostic information 67
- Configuring system time 69
- Configuring syslog 74
- Setting the log host 75
- Managing the configuration 77
- Saving the configuration 78
- Resetting the configuration 79
- Managing files 80
- Uploading a file 81
- Removing a file 81
- Managing ports 82
- Configuring port mirroring 92
- 5. Click Apply 98
- Managing users 99
- Setting the super password 100
- Configuring a loopback test 102
- 4. Click Test 103
- Configuring VCT 104
- Configuring RMON 106
- History group 107
- Event group 107
- Alarm group 107
- RMON configuration task list 108
- Configuring a history entry 111
- Configuring an event entry 112
- Configuring an alarm entry 113
- Displaying RMON statistics 114
- Displaying RMON event logs 117
- RMON configuration example 118
- Verifying the configuration 121
- Configuring energy saving 122
- Item Descri 123
- Configuring SNMP 124
- SNMP protocol versions 125
- Enabling SNMP agent 126
- Configuring an SNMP view 128
- Adding rules to an SNMP view 129
- Configuring an SNMP group 131
- Configuring an SNMP user 133
- Network requirements 137
- Configuring the agent 137
- Configuring the NMS 139
- SNMPv3 configuration example 140
- Configuring VLANs 146
- VLAN types 147
- Port-based VLAN 148
- Frame handling methods 149
- Creating VLANs 152
- Setting the PVID for a port 154
- Selecting VLANs 155
- Modifying a VLAN 156
- Modifying ports 157
- VLAN configuration example 158
- Configuration guidelines 162
- Configuring VLAN interfaces 163
- Modifying a VLAN interface 165
- Configuring a voice VLAN 169
- Configuring Switch A 176
- Types of MAC address entries 187
- Configuring MSTP 190
- Basic concepts in STP 191
- Path cost 192
- Calculation process 192
- Example of STP calculation 193
- Introduction to RSTP 197
- Introduction to MSTP 198
- MST region 199
- Port states 201
- How MSTP works 202
- Configuring an MST region 204
- Configuring MSTP globally 205
- Configuring MSTP on a port 208
- MSTP configuration example 212
- Configuration procedure 213
- Configuring Switch B 215
- Configuring Switch C 216
- Configuring Switch D 216
- Link aggregation modes 219
- Dynamic aggregation mode 220
- Configuration procedures 221
- Setting LACP priority 224
- Configuring LLDP 230
- LLDPDUs 231
- LLDP operating modes 234
- Working mechanism 234
- Protocols and standards 235
- Enabling LLDP on ports 236
- Configuring LLDP globally 240
- LLDP configuration example 249
- Configuring ARP 255
- ARP table 256
- Configuring ARP entries 257
- Removing ARP entries 258
- Configuring gratuitous ARP 259
- Configuring ARP detection 263
- Configuring IGMP snooping 265
- How IGMP snooping works 267
- Configuring MLD snooping 279
- How MLD snooping works 281
- Default route 292
- Configuration considerations 296
- DHCP overview 305
- IP address lease extension 306
- DHCP message format 307
- DHCP options 308
- Configuring DHCP relay agent 310
- Task Remarks 311
- Creating a DHCP server group 313
- Configuring DHCP snooping 319
- Enabling DHCP snooping 322
- Managing services 327
- Item Descri 329
- Using diagnostic tools 330
- Ping operation 331
- Traceroute operation 332
- 4. Click Start 333
- Configuring 802.1X 334
- Packet formats 335
- EAP over RADIUS 336
- EAP-Message 337
- Message-Authenticator 337
- EAP relay 339
- EAP termination 340
- 802.1X timers 341
- VLAN assignment 342
- Guest VLAN 342
- Auth-Fail VLAN 343
- Configuration prerequisites 344
- Configuring 802.1X globally 345
- Configuring 802.1X on a port 346
- Configuring IP addresses 350
- Configuring a RADIUS scheme 356
- Configuring AAA 358
- Configuring an ACL 361
- Configuring an ISP domain 367
- AAA configuration example 372
- Configuring RADIUS 376
- RADIUS packet format 378
- Extended RADIUS attributes 380
- Adding RADIUS servers 386
- RADIUS configuration example 387
- Configuring users 393
- Configuring a user group 395
- Managing certificates 397
- How PKI works 398
- PKI applications 399
- Creating a PKI entity 401
- Creating a PKI domain 403
- Generating an RSA key pair 406
- Destroying the RSA key pair 407
- 3. Click Request Cert 409
- Version CRL version number 411
- PKI configuration example 412
- Configuring the switch 413
- MAC authentication timers 418
- ACL assignment 418
- Configuring a local user 422
- 1. Create an ISP domain: 427
- Request timed out 433
- Configuring port security 434
- Configuring permitted OUIs 442
- Configuring port isolation 453
- Configuring authorized IP 456
- Configuring ACLs 463
- Rule numbering 464
- Rule numbering step 464
- Configuring a time range 466
- Adding an IPv4 ACL 467
- Adding an IPv6 ACL 474
- Configuring QoS 479
- Impacts 480
- Countermeasures 480
- End-to-end QoS 481
- Traffic classification 481
- Packet precedences 482
- 802.1p priority 483
- Queue scheduling 484
- WRR queuing 485
- Rate limit 486
- Priority mapping 487
- Adding a class 491
- Adding a traffic behavior 493
- Adding a policy 496
- Applying a policy to a port 497
- Configuring Switch 502
- Configuring PoE 510
- PoE configuration example 514
- Support and other resources 516
- Conventions 517
- Network topology icons 518
- Port numbering in examples 518
Verwandte Produkte und Handbücher für Software HP 1920-24G-PoE+
Software HP PROCURVE 6600 Bedienungsanleitung
(854 Seiten)
(854 Seiten)
Software HP 3Gb Bedienungsanleitung
(86 Seiten)
(86 Seiten)
Software HP SunSoft Pascal 4.0 Bedienungsanleitung
(333 Seiten)
(333 Seiten)
Software HP 10TB Betriebsanweisung
(181 Seiten)
(181 Seiten)
Software HP DL380-SL Betriebsanweisung
(141 Seiten)
(141 Seiten)
Software HP Switch 6120 Bedienungsanleitung
(469 Seiten)
(469 Seiten)
Software HP BMD00022 Bedienungsanleitung
(228 Seiten)
(228 Seiten)
Software HP SN6000 Betriebsanweisung
(122 Seiten)
(122 Seiten)
Software HP 3PAR Bedienungsanleitung
(89 Seiten)
(89 Seiten)
Software HP NEOVIEW 544530-001 Bedienungsanleitung
(142 Seiten)
(142 Seiten)
Software HP 700wl Bedienungsanleitung
(388 Seiten)
(388 Seiten)
Software HP X9300 Installationsanleitung
(151 Seiten)
(151 Seiten)
Software HP SP1 Bedienungsanleitung
(143 Seiten)
(143 Seiten)
Software HP Q.11. (2510-24) Bedienungsanleitung
(294 Seiten)
(294 Seiten)
Software HP 441877-00F Bedienungsanleitung
(67 Seiten)
(67 Seiten)
Software HP 2000s Betriebsanweisung
(200 Seiten)
(200 Seiten)
Software HP 2012i Bedienungsanleitung
(86 Seiten)
(86 Seiten)
Software HP XP12000 Bedienungsanleitung
(38 Seiten)
(38 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.061 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern