1-3
Triple Authentication Configuration
Complete the following tasks to configure triple authentication:
Task Remarks For details
Configure 802.1X authentication Required
Refer to 802.1X and System-guard
Operation.
Configure MAC authentication Required
Refer to MAC Address Authentication
Operation.
Configure Web authentication Required Refer to Web Authentication Operation.
Triple Authentication Configuration Example
Network Requirement
As shown in Figure 1-2, the terminals are connected to a switch to access the IP network. It is required
to configure triple authentication on the Ethernet port of the switch which connects to the terminals, so
that a terminal passing one of the three authentication methods, 802.1X authentication, Web
authentication and MAC authentication, can access the IP network. More specifically,
z The terminals request IP addresses through DHCP. They use IP addresses in 192.168.1.0/24
before authentication and in 3.3.3.0/24 after passing authentication.
z Use the remote RADIUS server to perform authentication, authorization and accounting and
configure the switch to send usernames carrying no ISP domain names to the RADIUS server.
z The IP address of the local Web authentication server on the switch is 100.1.1.1.
z Users passing authentication are added to VLAN 3, the authorized VLAN.
z Users failing authentication are added to VLAN 2, the Auth-Fail VLAN, and are allowed to access
only the Update server.
Network Diargram
Figure 1-2 Network diagram for triple authentication supporting authorized VLAN assignment and
Auth-Fail VLAN
To Next Page
Loading...
Need help?
General