D-Link DGS-3600 Series User Manual page 306

Authenticator
The Authenticator (the Switch) is an intermediary between the Authentication Server and the Client. The Authenticator serves two
purposes when utilizing 802.1X. The first purpose is to request certification information from the Client through EAPOL packets,
which is the only information allowed to pass through the Authenticator before access is granted to the Client. The second purpose
of the Authenticator is to verify the information gathered from the Client with the Authentication Server, and to then relay that
information back to the Client.
Three steps must be implemented on the Switch to properly configure the Authenticator.
1. The 802.1X State must be Enabled. (DGS-3600 Web Management Tool)
2. The 802.1X settings must be implemented by port (Security / 802.1X / Configure 802.1X Authenticator Parameter)
3. A RADIUS server must be configured on the Switch. (Security / 802.1X / Authentic RADIUS Server)
Client
The Client is simply the endstation that wishes to gain access to the LAN or switch services. All endstations must be running
software that is compliant with the 802.1X protocol. For users running Windows XP, that software is included within the
operating system. All other users are required to attain 802.1X client software from an outside source. The Client will request
access to the LAN and or Switch through EAPOL packets and, in turn will respond to requests from the Switch.
®
xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch
Figure 11- 11. The Authentication Server
Figure 11- 12. The Authenticator
288