EasyManua.ls Logo

Dell PowerConnect B-RX - Page 1021

Dell PowerConnect B-RX
1458 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
BigIron RX Series Configuration Guide 945
53-1002253-01
Example configurations
31
When the PC is authenticated using multi-device port authentication, the port PVID is changed to
“Login-VLAN”, which is VLAN 1024 in this example.
When User 1 is authenticated using 802.1X authentication, the port PVID is changed to
“User-VLAN”, which is VLAN 3 in this example.
Example 2
The configuration in Figure 123 requires that you create a profile on the RADIUS server for each
MAC address to which a device or user can connect to the network. In a large network, this can be
difficult to implement and maintain.
As an alternative, you can create MAC address profiles only for those devices that do not support
802.1X authentication, such as IP phones and printers, and configure the device to perform
802.1X authentication for the other devices that do not have MAC address profiles, such as user
PCs. To do this, you configure the device to perform 802.1X authentication when a device fails
multi-device port authentication.
Figure 123 shows a configuration where multi-device port authentication is performed for an IP
phone, and 802.1X authentication is performed for a user PC. There is a profile on the RADIUS
server for the IP phone MAC address, but not for the PC MAC address.
FIGURE 123 802.1X Authentication is performed when a device fails multi-device port
authentication
Multi-device port authentication is initially performed for both devices. The IP phone MAC address
has a profile on the RADIUS server. This profile indicates that 802.1X authentication should be
skipped for this device, and that the device port be placed into the VLAN named “IP-Phone-VLAN”.
Hub
No Profile for MAC 0002.3f7f.2e0a (PC)
User 1 Profile:
Tunnel-Private-Group-ID: = U:IP-User-VLAN
BigIron Switch
Port e1/4
Dual Mode
mac-authentication auth-fail-dot1x-override
CLI command configured
Hub
Untagged
Tagged
RADIUS Server
PC
MAC: 0002.3f7f.2e0a
User 1
IP Phone
MAC: 0050.048e.86ac
User 0050.048e.86ac (IP Phone) Profile:
Foundry-802_1x-enable = 0
Tunnel-Private-Group-ID = T:IP-Phone-VLA
N

Table of Contents

Other manuals for Dell PowerConnect B-RX

Preview: Getting Started Guide
Getting Started Guide32 pages

Related product manuals