Table of Contents
Advertisement
Y1836bk0.book Page 5 Tuesday, July 15, 2003 12:55 PM
This document provides information to update your Dell™ PowerConnect™ 5212 User's Guide.
The information in this document supersedes that in the User's Guide.
IEEE 802.1x Port Authentication
The IEEE 802.1x standard defines a port-based access control procedure that prevents
unauthorized access to a network by requiring users to first enter a user ID and password for
authentication. Access to all switch ports in a network can be centrally controlled from a server,
which means that authorized users can use a single user ID and password for authentication from
any point within the network.
NOTE:
Currently only Remote Authentication Dial In User Service (RADIUS) servers and MD5
authentication are supported in the 802.1x implementation.
This switch uses the Extensible Authentication Protocol over LANs (EAPOL) with MD5
authentication to exchange authentication protocol messages with the client, and a remote login
authentication server (that is, RADIUS) to verify user identity and access rights. When a client
(that is, supplicant) connects to a switch port, the switch (that is, authenticator) responds with an
identity request. The client provides its identity (a configured user ID) to the switch, which it
forwards to the authentication server. The authentication server verifies the client identity and
sends this information back to the switch. The switch then issues an MD5 access challenge to the
client, and the client returns an MD5 response to the switch based on its user ID and password. If
authentication is successful, the switch allows the client to access the network. Otherwise, network
access is denied and the port remains blocked.
NOTE:
The supplicant must use 802.1x client software for authentication to be possible. The Microsoft
®
Windows
XP operating system supports a native supplicant, but other operating systems require an
add-in software module to support the 802.1x service.
The operation of 802.1x on the switch requires the following:
•
A switch with an assigned IP address.
•
RADIUS authentication must be enabled on the switch and the IP address of the RADIUS
server specified.
•
Each switch port that will be used must be set to 802.1x Auto mode.
•
Each client that needs to be authenticated must have 802.1x client software installed and be
properly configured. The configuration includes specifying the client identity (user ID) and
the password, as well as selecting MD5 as the authentication method.
•
An accessible and functioning RADIUS server.
A new page, 802.1x, has been added to the System/Switch menu. This page provides links to the
following pages:
•
802.1x Port Configuration
•
802.1x Statistics
®
5
Documentation Update
- Quick Links:
- Ieee 802.1X Port Authentication
Hide quick links:
Advertisement
Table of Contents
