Protection from unauthorized access
6.5 Port Authentication
6.5 Port Authentication
6.5.1 Description Port-Based Network Access
Control (802.1X)
The Port-Based Network Access Control is a method described in the
standard IEEE 802.1X for the authentication and authorization of devices in
IEEE 802 networks which are connected to a port of the Switch, and which
want to access the Switch and/or the network connected to the Switch.
The authentication and authorization is carried out by the Authenticator, in
this case the Switch. This authenticates (or does not authenticate) the
supplicant (the querying device, e.g. a PC), which means that it permits the
access to the services it provides, or else refuses it. In the process, the
Switch accesses an external authentication server (RADIUS server), which
checks the authentication data of the supplicant. The supplicant and the
Switch exchange the authentication data via the Extensible Authentication
Protocol (EAP), while the Switch and the server exchange the authentication
data via the RADIUS protocol.
Radius Server
Switch/Authenticator
802.1X Supplicant
0
0
0
0
Power MICE
Fig. 24:
Radius server connection
Basic - L3P
87
Release 3.1 06/07