802.1X Network Access Control Examples - Dell PowerConnect M6220 Configuration Manual

determines the authorization state of the port. Depending on the outcome of the authentication
process, the authenticator PAE then controls the authorized/unauthorized state of the controlled Port.
Authentication can be handled locally or via an external authentication server. Two are: Remote
Authentication Dial-In User Service (RADIUS) or Terminal Access Controller Access Control System
(TACACS+).

802.1x Network Access Control Examples

This section contains examples of the CLI commands used to configure 802.1X.
Example #1: Configure RADIUS Server for Authentication
This example configures a single RADIUS server used for authentication at 10.10.10.10. The shared
secret is configured to be
uses RADIUS as the authentication method. This authentication list is associated with the 802.1x
default login. 802.1x port based access control is enabled for the system, and interface 1/g1 is configured
to be in force-authorized mode because this is where the RADIUS server and protected network
resources are located.
Figure 5-1. Switch with 802.1x Network Access Control
If a user, or supplicant, attempts to communicate via the switch on any interface except interface 1/g1,
the system challenges the supplicant for login credentials. The system encrypts the provided information
and transmits it to the RADIUS server. If the RADIUS server grants access, the system sets the 802.1x
port state of the interface to authorized and the supplicant is able to access network resources.
console(config)#radius-server host 10.10.10.10
console(Config-radius)#exit
console(config)#radius-server key secret
console(config)#exit
console#show radius-servers
IP address
--------------- ----- ------- ------- -------- --------------- ----- -----
10.10.10.10
86
Device Security
secret
. The process creates a new authentication list, called radiusList, which
Auth. TimeOut Retran. DeadTime
1812 Global Global
source IP
Global Global
Prio. Usage
0 all