Loading ...
Loading ...
Loading ...
24-Port Gigabit (Hi-Power) PoE+ Ethernet Smart Managed Pro Switch with 2 SFP Ports
Configuration Examples User Manual421
A port access entity (PAE) is able to adopt one of two distinct roles within an access control
interaction:
1. Authenticator. A port that enforces authentication before allowing access to services
available through that port.
2. Supplicant. A port that
attempts to access services offered by the authenticator.
Additionally, a third role exists:
3. Authentication server. Performs the
authentication function necessary to check the
credentials of the supplicant on behalf of the authenticator.
All three roles are required for you to complete an authentication exchange.
The switch supports the authenticator role only, in which the PAE is responsible for
communicating with the supplicant. The authenticator PAE is als
o responsible for submitting
the information received from the supplicant to the authentication server for the credentials to
be checked, which determines the authorization state of the port. The authenticator PAE
controls the authorized/unauthorized state of the controlled port depending on the outcome
of the RADIUS-based authentication process.
Figure 3. 802.1X authentication roles
802.1X example configuration
This example shows how to configure the switch so that 802.1X-based authentication is
required on the ports in a corporate conference room (g5–g8). These ports are available to
visitors and must be authenticated before access is granted to the network. The
authentication is handled by an external RADIUS server. When the visitor is successfully
authenticated, traffic is automatically assigned to the guest VLAN. This example assumes
that a VLAN was configured with a VLAN ID of 150 and VLAN name of Guest.
1. On
the Port Authentication page (see
Manage port authentication on individual ports
on page 280), select ports g5, g6, g7, and g8.
2. From the Port Control
menu, select Unauthorized.
Loading ...
Loading ...
Loading ...