Chapter 54: 802.1x Port-based Network Access Control
724 Section VIII: Port Security
client must be authenticated in order for all remaining clients to continue to
forward traffic through the port.
Multiple
Supplicant Mode
This mode requires the authentication of all clients on an authenticator
port. This mode is appropriate in situations where an authenticator port is
supporting more than one client and you want all clients to be
authenticated. An authenticator port in this mode can support up to a
maximum of 320 clients, with a total maximum of 480 per switch.
If you are using the 802.1x authentication method, you must provide each
client with a separate username and password combination and the
clients must provide their combinations to forward traffic through a switch
port.
An example of this authenticator operating mode is illustrated in Figure
123. The clients are connected to a hub or non-802.1x-compliant switch
which is connected to an authenticator port on the switch. If the
authenticator port is set to the 802.1x authentication method, the clients
must provide their username and password combinations before they can
forward traffic through the switch.
If the authentication method is MAC address-based, the authenticator port
uses the MAC addresses of the clients as the username and password
combinations. The port accepts and forwards traffic only from those clients
whose MAC addresses have been entered on the RADIUS server and
denies access to all other users.
To Next Page
Loading...
