Port Access Entity (802.1X); 802.1X Port-Based And Mac-Based Access Control; Authentication Server - D-Link DGS-3324SRi User Manual

Click Apply to implement changes made.

Port Access Entity (802.1X)

802.1x Port-Based and MAC-Based Access Control

The IEEE 802.1x standard is a security measure for authorizing and authenticating users to gain access to various wired or
wireless devices on a specified Local Area Network by using a Client and Server based access control model. This is
accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible
Authentication Protocol over LAN (EAPOL) packets between the Client and the Server. The following figure represents a
basic EAPOL packet:
Utilizing this method, unauthorized devices are restricted from connecting to a LAN through a port to which the user is
connected. EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is
granted. The 802.1x Access Control method holds three roles, each of which are vital to creating and upkeeping a stable
and working Access Control security method.
The following section will explain the three roles of Client, Authenticator and Authentication Server in greater detail.

Authentication Server

The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must
be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected
xStack Stackable Gigabit Layer 3 Switch Manual
warning – Entering this parameter along with the proper destination, stated
above, will instruct the Switch to send critical and warning events to the
Switch's log and/or SNMP agent.
information – Entering this parameter along with the proper destination,
stated above, will instruct the Switch to send informational, warning and
critical events to the Switch's log and/or SNMP agent.
Figure 6- 76. The EAPOL Packet
Figure 6- 77. The three roles of 802.1x
137