BigIron RX Series Configuration Guide xxix
53-1002253-01
How 802.1x port security works. . . . . . . . . . . . . . . . . . . . . . . . . . . .963
Device roles in an 802.1x configuration . . . . . . . . . . . . . . . . .963
Communication between the devices . . . . . . . . . . . . . . . . . . .964
Controlled and uncontrolled ports . . . . . . . . . . . . . . . . . . . . . .965
Message exchange during authentication . . . . . . . . . . . . . . . .966
Authenticating multiple clients connected to the same
port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .968
802.1x port security and sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . .970
Configuring 802.1x port security . . . . . . . . . . . . . . . . . . . . . . . . . . .970
Configuring an authentication method list for 802.1x . . . . . . 971
Setting RADIUS parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 971
Configuring dynamic VLAN assignment for 802.1x ports . . . .972
Disabling and enabling strict security mode for dynamic
filter assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .973
Dynamically applying existing ACLs or MAC address filter . . .975
Configuring per-user IP ACLs or MAC address filters . . . . . . . . 976
Enabling 802.1x port security. . . . . . . . . . . . . . . . . . . . . . . . . . 976
Setting the port control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 977
Configuring periodic re-authentication . . . . . . . . . . . . . . . . . . .978
Re-authenticating a port manually . . . . . . . . . . . . . . . . . . . . . .978
Setting the quiet period. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .979
Setting the interval for retransmission of EAP-request/
identity frames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .979
Specifying the number of EAP-request/identity frame
retransmissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .979
Specifying a timeout for retransmission of messages
to the authentication server . . . . . . . . . . . . . . . . . . . . . . . . . . .980
Specifying a timeout for retransmission of
EAP-request frames to the client . . . . . . . . . . . . . . . . . . . . . . .980
Initializing 802.1x on a port . . . . . . . . . . . . . . . . . . . . . . . . . . .980
Allowing multiple 802.1x clients to authenticate. . . . . . . . . . .980
Displaying 802.1x information . . . . . . . . . . . . . . . . . . . . . . . . . . . . .982
Displaying 802.1x configuration information. . . . . . . . . . . . . .982
Displaying 802.1x statistics . . . . . . . . . . . . . . . . . . . . . . . . . . .984
Clearing 802.1x statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .986
Displaying dynamically assigned VLAN information . . . . . . . .986
Displaying information on MAC address filters and IP ACLs on an
interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .987
Displaying information about the dot1x-mac-sessions on
each port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .988
Sample 802.1x configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . .989
Point-to-point configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . .990
Hub configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .991
802.1X Authentication with dynamic VLAN assignment . . . . .992
Using multi-device port authentication and 802.1X
security on the same port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .993
To Next Page
Loading...
