65/100
www.zyxel.com
7.1.1 How to Implement 802.1X Port Authentication with
Dynamic VLAN Assignment (Radius Server)
Scenario and Topology
Port Authentication:
Upon detection of a new client (supplicant), the port on the switch (authenticator)
will be enabled and set to an "unauthorized" state. In this state, only the 802.1x
traffic will be allowed; other traffic, such as DHCP or HTTP, will be blocked at the
data link layer. The authenticator will send out EAP-requests identity to the
supplicant. The supplicants will need to return an EAP-response packet that the
authenticator forwards to the authentication server. The authenticating server
can accept or reject the EAP-request; if it accepts the request, the authenticator
will set the port as "authorized", which allow is forwarding across the switch.
Dynamic VLAN Assignment:
To Next Page
Loading...
