Sometimes I have to implement 802.1X on non-Cisco devices. Yes, even on HP Procurve.
In this situation I have created a setup with an HP Procurve 2610-24/12PWR uplinked with Port 1 to the rest of the network.
hostname "DOT1X-HP-SWITCH"
ip default-gateway 10.90.1.254
snmp-server community "public" Unrestricted
vlan 1
name "DEFAULT_VLAN"
untagged 2-28
ip address dhcp-bootp
no untagged 1
exit
vlan 320
name "VLAN320"
untagged 1
ip address 10.90.1.1 255.255.255.0
exit
vlan 369
name "Access VLAN"
tagged 1
exit
aaa authentication port-access eap-radius
radius-server host 10.150.150.150 key test123
aaa port-access authenticator 2-24
aaa port-access authenticator active
password manager
password operator
A client can now connect to ports 2-24, the HP switch will use 10.150.150.150 as RADIUS server with PSK “test123”.
If the RADIUS server can successfully authenticate and authorize the client, it can for example send these RADIUS attributes back to the switch, which will place the client in VLAN 369.
Access Type= ACCESS_ACCEPT
Tunnel-Private-Group-ID=1:369
Tunnel-Type=1:13
Tunnel-Medium-Type=1:6