[x]

Configuring 802.1X > Enabling 802.1X user IP freezing

 

 Next

Enabling 802.1X user IP freezing

This feature works with the IP source guard feature. 802.1X-based IP source guard requires that 802.1X clients support sending user IP addresses to the access device. The device uses information such as user MAC addresses and IP addresses obtained through 802.1X to generate IPSG bindings to filter out IPv4 packets from unauthenticated 802.1X users. For information about IP source guard, see "Configuring IP source guard."

This feature prevents any authenticated 802.1X users on a port from changing their IP addresses. After you enable this feature, the port does not update the IP addresses in dynamic IPSG bindings for 802.1X users. If an 802.1X user uses an IP address different from the IP address in its IPSG binding entry, the port denies the user access.

To enable 802.1X user IP freezing:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

N/A

3. Enable 802.1X user IP freezing.

dot1x user-ip freeze

By default, 802.1X user IP freezing is disabled.

prev

 

up

 next

Specifying supported domain name delimiters 

home

 Sending 802.1X protocol packets out of a port without VLAN tags

© Copyright 2016 Hewlett Packard Enterprise Development LP