EasyManuals Logo

Enterasys Matrix DFE-Gold Series User Manual

Enterasys Matrix DFE-Gold Series
944 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #840 background imageLoading...
Page #840 background image
Configuring 802.1X Authentication
25-2 Authentication Configuration
•LocalusercredentialsusedforlocalauthenticationandauthorizationofCLIandWebView
managementsessions.Fordetails,refertoSettingUserAccountsandPasswordson
page 215andSettingtheAuthenticationLoginMethodonpage 2550.
•RemoteAAAserviceusedforremoteauthentication,authorization,andaccountingof
CLI
andWebViewmanagementsessions,aswellasallnetworkaccesssessionsprovisionedby
wayof802.1x,PWA,orMACAuthentication.Fordetails,refertoSettingtheAuthentication
LoginMethodonpage 25 50andConfiguring802.1XAuthenticationonpage 252.
SupportforRADUIS,RFC3580,andTACACS+canbe
foundinthefollowingsections:
ConfiguringRADIUSonpage 2553,ConfiguringRFC3580onpage 2560,and
ConfiguringTACACS+onpage 2563
Configuring 802.1X Authentication
About Multi-User Authentication
EnterasysNetworks’enhancedversionoftheIEEE802.1X2001specificationdecreasessecurity
vulnerabilitiesinherentwiththestandardimplementation,andallowsmultipledevicesand users,
alsoknownas“supplicants,”tobeauthenticatedonasingleport.Theenhancedstandardclearly
distinguisheseachnetworkaccessportfromitsaccess“entities,”whichmaintainauthentication
instructionsassociatedwitheachuniquepotentialsupplicant.
802.1Xenhancementsarebackwardscompatiblewithexisting802.1Xsupplicantsand
configurations,andaredesignedtoseamlesslyintegrateintoEnterasys’peruserpolicy
managementsystem;allowingmuchmoregranularcontroloveruserauthorization.
TheEnterasysmultiuser802.1Ximplementationincludesthefollow ingcomponents:
•AMultiMode
EnabledEnterasysMatrixSystem—onlywhenasystemissettooperatein
multipleauthenticationmode(asdescribedinConfiguringMultipleAuthenticationon
page 271)cantheenhanced802.1Xfeaturebeused.Thesystemʹsportsintendedfornetwork
accesstoauthenticateandauthorizesupplicantswillbeallowedtosimultaneously
utilize
morethanoneaccessentity.
AccessEntities—responsibleformaintainingstate,counters,andstatisticsforanindividual
supplicant.Anaccessentityisactivatedfromapoolofconfiguredaccessentitieswhena
potentialsupplicantonaportneedstobeauthenticated.Itbecomesdeactivatedwhenthe
supplicantlogsoff,cannotbe
authenticated,ortheEnterasysMatrixdevicedeterminesthat
thesupplicantorassociatedpolicysettingsarenolongervalid.
Supplicants—devicesorusersthatdesireaccesstothenetwork,suchasworkstations,
printers,PDAs,orhardwiredorwirelessphones.Thesewillbeidentifiedbythesystemusing
acombinationofconnectionport,
MACaddresses,andallocatedaccessentityindex.Oncea
supplicantissuccessfullyauthenticated,thesystemisresponsible forenforcingthedegreeto
whichthesupplicantwillbeauthorizedtoaccessthenetwork,usinginformationsenttoitby
theauthenticationserver.
AuthenticationServer—typicallyaRADIUSauthority,wheretheEnterasysMatrixsystem
and
serverhavemutuallyconfiguredknowledgeofoneanother.
Purpose
Toreviewandconfigure802.1XauthenticationforoneormoreportsusingEAPOL(Extensible
AuthenticationProtocol).802.1Xcontrolsnetworkaccessbyenforcinguserauthorizationon

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Enterasys Matrix DFE-Gold Series and is the answer not in the manual?

Enterasys Matrix DFE-Gold Series Specifications

General IconGeneral
BrandEnterasys
ModelMatrix DFE-Gold Series
CategorySwitch
LanguageEnglish

Related product manuals