HP procurve 2500 사용자 설명서
56
Enhancements in Release F.05.05 through F.05.70
Enhancements in Release F.05.05 through F.05.60
N o t e o n B l o c k i n g a N o n - 8 0 2 . 1 X D e v i c e
If the port’s 802.1X authenticator
control mode is configured to authorized (as shown below, instead
of
auto), then the first source MAC address from any device, whether 802.1X-aware or not, becomes
the only authorized device on the port.
aaa port-access authenticator < port-list > control authorized
With 802.1X authentication disabled on a port or set to
authorized (Force Authorize), the port may
learn a MAC address that you don’t want authorized. If this occurs, you can block access by the
unauthorized, non-802.1X device by using one of the following options:
unauthorized, non-802.1X device by using one of the following options:
■
If 802.1X authentication is disabled on the port, use these command syntaxes to enable it
and allow only an 802.1X-aware device:
and allow only an 802.1X-aware device:
If 802.1X authentication is enabled on the port, but set to
authorized (Force Authorized), use this
command syntax to allow only an 802.1X-aware
device:
device:
aaa port-access authenticator e < port-list >
Enables 802.1X authentication on the port.
aaa port-access authenticator e < port-list > control auto
Forces the port to accept only a device that supports 802.1X
and supplies valid credentials.
and supplies valid credentials.
aaa port-access authenticator e < port-list > control auto
Forces the port to accept only a device that supports 802.1X
and supplies valid credentials.
and supplies valid credentials.