Table 337: Components Of The Supplicant Mode Configuration Topology - Juniper JUNOS OS 10.3 - SOFTWARE Manual

Table 337: Components of the Supplicant Mode Configuration Topology

Property
Switch hardware
Connections to Avaya phones—with integrated hub, to
connect phone and desktop PC to a single port; (requires
PoE)
Configuration of 802.1X to Support Multiple Supplicant Modes
CLI Quick
Configuration
Step-by-Step
Procedure
Copyright © 2010, Juniper Networks, Inc.
To configure the administrative modes to support supplicants in different areas of the
Enterprise network:
Configure access port ge-0/0/8
Configure access port
ge-0/0/9
Configure access port
ge-0/0/11
Single supplicant mode authenticates only the first end device that connects to an
authenticator port. All other end devices connecting to the authenticator port after the
first has connected successfully, whether they are 802.1X-enabled or not, are permitted
free access to the port without further authentication. If the first authenticated end device
logs out, all other end devices are locked out until an end device authenticates.
Single-secure supplicant mode authenticates only one end device to connect to an
authenticator port. No other end device can connect to the authenticator port until the
first logs out.
Multiple supplicant mode authenticates multiple end devices individually on one
authenticator port. If you configure a maximum number of devices that can be connected
to a port through port security, the lesser of the configured values is used to determine
the maximum number of end devices allowed per port.
To configure 802.1X authentication to support multiple end devices, perform these tasks:
To quickly configure the ports with different 802.1X authentication modes, copy the
following commands and paste them into the switch terminal window:
[edit]
set protocols dot1x authenticator interface ge-0/0/8 supplicant single
set protocols dot1x authenticator interface ge-0/0/9 supplicant single-secure
set protocols dot1x authenticator interface ge-0/0/11 supplicant multiple
Configure the administrative mode on the interfaces:
Configure the supplicant mode as single on interface
1.
[edit protocols]
user@switch# set dot1x authenticator interface ge-0/0/8 supplicant single
Configure the supplicant mode as single secure on interface
2.
Chapter 82: Examples: Access Control Configuration
Settings
EX4200 switch, 24 Gigabit Ethernet ports: 8 PoE ports (
through ) and 16 non-PoE ports (
ge-0/0/7
)
ge-0/0/23
, , and
ge-0/0/8 ge-0/0/9 ge-0/0/11
for single supplicant mode authentication.
for single secure supplicant mode authentication.
for multiple supplicant mode authentication.
ge-0/0/0
through
ge-0/0/8
:
ge-0/0/8
:
ge-0/0/9
2571