beautypg.com

Ii. checking the client version – H3C Technologies H3C S3100 Series Switches User Manual

Page 284

background image

Operation Manual – 802.1x

H3C S3100-52P Ethernet Switch

Chapter 1 802.1x Configuration

1-11

z

Supplicant systems logging on through IE proxies

z

Whether or not a supplicant system logs in through more than one network
adapters (that is, whether or not more than one network adapters are active in a
supplicant system when the supplicant system logs in).

In response to any of the three cases, a switch can optionally take the following
measures:

z

Disconnecting the supplicant system and sending Trap packets, which can be
achieved by using the dot1x supp-proxy-check logoff command.

z

Sending Trap packets without disconnecting the supplicant system, which can be
achieved by using the dot1x supp-proxy-check trap command.

This function needs the cooperation of 802.1x client and a CAMS server.

z

The 802.1x client needs to capable of detecting multiple network adapters, proxies,
and IE proxies.

z

The CAMS server is configured to disable the use of multiple network adapters,
proxies, or IE proxies.

By default, an 802.1x client program allows use of multiple network adapters, proxies,
and IE proxies. In this case, if the CAMS server is configured to disable use of multiple
network adapters, proxies, or IE proxies, it prompts the 802.1x client to disable use of
multiple network adapters, proxies, or IE proxies through messages after the supplicant
system passes the authentication.

Note:

z

The client-checking function needs the support of H3C’s 802.1x client program.

z

To implement the proxy detecting function, you need to enable the function on both
the 802.1x client program and the CAMS server in addition to enabling the client
version detecting function on the switch by using the dot1x version-check
command.

II. Checking the client version

With the 802.1x client version-checking function enabled, a switch checks the version
and validity of an 802.1x client to prevent unauthorized users or users with earlier
versions of 802.1x client from logging in.

See also other documents in the category H3C Technologies Routers: