Security: 802.1X Authentication
Authenticator Overview
386 Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
19
The Sx300 in Layer 3 router mode supports the multi-sessions mode
without guest VLAN and RADIUS-VLAN assignment:
Multiple Authentication Methods
If more than one authentication method is enabled on the switch, the following
hierarchy of authentication methods is applied:
• 802.1x Authentication: Highest
• WEB-Based Authentication
• MAC-Based Authentication: Lowest
Multiple methods can run at the same time. When one method finishes
successfully, the client becomes authorized, the methods with lower priority are
stopped and the methods with higher priority continue.
When one of authentication methods running simultaneously fails, the other
methods continue.
When an authentication method finishes successfully for a client authenticated by
an authentication method with a lower priority, the attributes of the new
authentication method are applied. When the new method fails, the client is left
authorized with the old method.
802.1x-Based Authentication
The 802.1x-based authenticator relays transparent EAP messages between
802.1x supplicants and authentication servers. The EAP messages between
supplicants and the authenticator are encapsulated into the 802.1x messages, and
the EAP messages between the authenticator and authentication servers are
encapsulated into the RADIUS messages.
To Next Page
Loading...
