5.2.2 Coexistence in the same port
This section describes, for the following categories, the combinations of authentication mode that the Switch supports when using multiple Layer 2 authentication strategies simultaneously on a single port:
-
Fixed VLAN mode
-
Dynamic VLAN mode
-
Fixed VLAN mode and dynamic VLAN mode
-
Legacy mode
- <Structure of this section>
(1) Coexistence of Fixed VLAN Modes on the Same Port
Port type |
IEEE802.1X |
Web Authentication (fixed VLAN mode) |
MAC-based Authentication (fixed VLAN mode) |
|
---|---|---|---|---|
Port-based authentication |
VLAN-based authentication (static) |
|||
Access port |
OK #1 |
- |
OK |
OK |
- |
OK |
OK |
OK |
|
Channel group port (access port) |
OK |
NG |
- |
- |
- |
OK |
- |
- |
|
Trunk port |
- |
OK #2 |
OK |
OK |
Channel group port (trunk port) |
- |
OK #2 |
- |
- |
All other cases |
- |
- |
- |
- |
(2) Coexistence of Dynamic VLAN Modes on the Same Port
Port type |
IEEE802.1X VLAN-based authentication (dynamic) |
Web Authentication (dynamic VLAN mode) |
MAC-based Authentication (dynamic VLAN mode) |
---|---|---|---|
MAC port |
OK |
OK |
OK |
All other cases |
NG |
NG |
NG |
(3) Coexistence of dynamic VLAN mode and fixed VLAN mode on the same port
Port type |
Type of received frames |
IEEE802.1X |
Web Authentication |
MAC-based Authentication |
|||
---|---|---|---|---|---|---|---|
VLAN-based authentication (static) |
VLAN-based authentication (dynamic) |
Fixed VLAN mode |
Dynamic VLAN mode |
Fixed VLAN mode |
Dynamic VLAN mode |
||
MAC port configured with dot1q |
Tagged frame |
OK #1 |
NG |
NG |
NG |
OK |
NG |
Untagged frame |
NG |
OK |
OK #2 |
OK |
OK #2 |
OK |
(4) Coexistence of Legacy Mode on the Same Port
Port type |
IEEE802.1X VLAN-based authentication (dynamic) |
Web Authentication (legacy mode) |
MAC-based Authentication (all modes) |
---|---|---|---|
MAC port |
OK |
OK |
NG |
All other cases |
NG |
NG |
NG |