With closed mode, no traffic allowed only EAPOL traffic is allowed until the authentication process completes.
Authentication is required before any basic network services are available, including DHCP. Consideration of 802.1X timers is very important with closed mode
When a device connected to that switch port authenticates, an appropriate authorization policy can be applied. Options for authorization policies include downloadable ACLs, dynamic VLAN assignment or security group tags.
Note: NO authentication open or ip access-group default-ACL in
interface GigabitEthernet 0/1 authentication host-mode multi-auth authentication port-control auto mab dot1x pae authenticator
No comments:
Post a Comment