Characteristics of this solution:
1. The convergence layer device must be of high quality since the network is large
and numerous users are connected, since any of its fault may cause the failures of
accessing the network.
2. User management is performed on the Radius Server in a centralized manner. The
administrator does not have to know which device a user is connected to,
facilitating administrator management.
3. The access layer device can be the less expensive non-NM devices (as long as
they support transparent transmission of EAPOL frames).
4. The administrator cannot manage the device on the access layer through the
network.
37.2 Configuring 802.1X
The following sections describe how to configure 802.1X.
Default Configuration of 802.1X
Precautions for Configuring 802.1X
Configuring the communication between the device and Radius server
Setting the 802.1X Authentication Switch
Enabling/Disabling the Authentication of a Port
Enabling Timed Re-authentication
Changing the QUIET Time
Setting the Packet Retransmission Interval
Setting the Maximum Number of Requests
Setting the Maximum Number of Re-authentications
Setting the Server-timeout
Configuring the device to initiate the 802.1X authentication actively
Configuring 802.1X Accounting
Configuring the IP authorization mode
Releasing Advertisement
List of Authenticable Hosts under a Port
Authorization
Configuring the Authentication Mode
Configure the backup authentication server.
Configuring and Managing Online Users
Implementing User-IP Binding
Port-based Traffic Charging
Implementing Automatic Switching and Control of VLAN
Shielding Proxy Server and Dial-up
To Next Page
Loading...
Need help?
General