ACL assignment
You can specify an ACL for an 802.1X user to control its access to network resources. After the user passes 802.1X authentication, the authentication server assigns the ACL to the access port to filter traffic from this user. The authentication server can be the local access device or a RADIUS server. In either case, you must configure the ACL on the access device.
To ensure a successful ACL assignment, make sure the ACL does not contain rules that match source MAC addresses.
To change the access control criteria for the user, you can use one of the following methods:
Modify ACL rules on the access device.
Specify another authorization ACL on the authentication server.
For more information about ACLs, see ACL and QoS Configuration Guide.