82 CHAPTER 10: MAKING YOUR NETWORK SECURE
For Network Login, the Switch uses EAP (Extensible Authentication
Protocol).
For further information about RADIUS, see “What is RADIUS?”
on
page 85
.
What is Rada? The Radius Authenticated Device Access feature complements the
existing 802.1X support of the Switch. Instead of needing an 802.1X
client on every end station, the switch can use the MAC address of the
end station to query the RADIUS server.
How Rada Works The Rada feature controls the network access of a host based on
authenticating its MAC address. A host is allowed access to the entire
network, to a restricted network or no access at all. The switch obtains
the network access authorisation from a centrally located RADIUS server
by supplying the MAC address of the host as shown in Figure 20
Figure 20 Network Login Operation via MAC Address
For Rada, the Switch uses PAP (Password Authentication Protocol).
Rada has an ‘Unauthorized Device action’ of allowDefaultAccess or
blockMacAddress, which control the action on authentication refusal.
Network Access Server
(Switch 4200)
Network Access Client without 802.1x
(Client Device)
MAC address
Authentication
via MAC Address
RADIUS Server
dua1730-0bAA03.book Page 82 Monday, July 11, 2005 11:14 AM
To Next Page
Loading...
