C
HAPTER
13
| Security Measures
Configuring 802.1X Port Authentication
– 346 –
clients through the remote authenticator (see "Configuring Port
Supplicant Settings for 802.1X" on page 349).
â—† This switch can be configured to serve as the authenticator on selected
ports by setting the Control Mode to Auto on this configuration page,
and as a supplicant on other ports by the setting the control mode to
Force-Authorized on this page and enabling the PAE supplicant on the
Supplicant configuration page.
PARAMETERS
These parameters are displayed:
◆ Port – Port number.
◆ Status – Indicates if authentication is enabled or disabled on the port.
The status is disabled if the control mode is set to Force-Authorized.
◆ Authorized – Displays the 802.1X authorization status of connected
clients.
â–
Yes – Connected client is authorized.
â–
N/A – Connected client is not authorized, or port is not connected.
◆ Supplicant – Indicates the MAC address of a connected client.
◆ Control Mode – Sets the authentication mode to one of the following
options:
â–
Auto – Requires a dot1x-aware client to be authorized by the
authentication server. Clients that are not dot1x-aware will be
denied access.
â–
Force-Authorized – Forces the port to grant access to all clients,
either dot1x-aware or otherwise. (This is the default setting.)
â–
Force-Unauthorized – Forces the port to deny access to all
clients, either dot1x-aware or otherwise.
◆ Operation Mode – Allows single or multiple hosts (clients) to connect
to an 802.1X-authorized port. (Default: Single-Host)
â–
Single-Host – Allows only a single host to connect to this port.
â–
Multi-Host – Allows multiple host to connect to this port.
In this mode, only one host connected to a port needs to pass
authentication for all other hosts to be granted network access.
Similarly, a port can become unauthorized for all hosts if one
attached host fails re-authentication or sends an EAPOL logoff
message.
To Next Page
Loading...
Need help?
General