Switches, Hubs, and Modems
1748139 Members
3943 Online
108758 Solutions
New Discussion юеВ

802.1X Open

 
Steve BRUNATO
Occasional Contributor

802.1X Open

I'm still with my dynamic Vlan assignment...
Remember : I have 3 subneted vlans and a 5406zl.
VLAN1 : 10.10.10.0/24
VLAN2 : 10.10.20.0/24
VLAN3 : 10.10.30.0/24
All the machines in VLAN2 & 3 have static IP addresses, machines in VLAN1 receive their IPs by DHCP server.
What I want is when I plug a machine, it has its Vlan dynamically assigned.
I have just seen there is an authentication method implemented in the 5406 which is '802.1X Open VLan Mode'. Will this feature solve my problem (I don't want to use RADIUS server) ?
Thanks
2 REPLIES 2
Mohieddin Kharnoub
Honored Contributor

Re: 802.1X Open

Hi Steve

With 802.1x Open Vlan you can have Authorized Vlan and Unauthorized Vlan.
That means, if i plug my pc to a switch and authenticate correctly, the switch will place me automatically in the Authorized Vlan which is configured on the Switch.

If i plug a machine on a port, it won't authenticate and it will be placed in the unauthorized Vlan configured on the Switch.

If you know already the ports that you usually plug machines with static IPs to it, then this may work with you, but the problem you can't use this port any more for a normal user since he needs to authenticate.

So if you know the these ports then its better to assign them to Vlans statically, not using the 802.1x.

Again, if you know the ports that you will plug machines to, then its better to have Mac lock down which allows you to lock a MAC address(s) on a port along with Vlan ID.

Good Luck !!!
Science for Everyone
Steve BRUNATO
Occasional Contributor

Re: 802.1X Open

Thank you...
I was so happy when I saw this feature...

I will do static assignements...

Thanks another time...