Table of Contents
Advertisement
Overview and Topology
Copyright © 2010, Juniper Networks, Inc.
Configured users on the RADIUS authentication server (in this example, the user profiles
for Supplicant 1 and Supplicant 2 in the topology are modified on the RADIUS server).
When the 802.1X configuration on an interface is set to
can apply a single port firewall filter configured through the Junos OS CLI on the EX Series
switch to any number of end devices (supplicants) on one interface by adding the filter
centrally to the RADIUS server. Only a single filter can be applied to an interface; however,
the filter can contain multiple terms for separate end devices.
For more information about firewall filters, see "Firewall Filters for EX Series Switches
Overview" on page 3225.
RADIUS server attributes are applied to end devices after the devices are successfully
authenticated using 802.1X. To authenticate an end device, the switch forwards the end
device's credentials to the RADIUS server. The RADIUS server matches the credentials
against preconfigured information about the supplicant located in the supplicant's user
profile on the RADIUS server. If a match is found, the RADIUS server instructs the switch
to open an interface to the end device. Traffic then flows from and to the end device on
the LAN. Further instructions configured in the port firewall filter and added to the end
device's user profile using a RADIUS server attribute further define the access that the
end device is granted. Filtering terms configured in the port firewall filter are applied to
the end device after 802.1X authentication is complete.
Figure 64 on page 2796 shows the topology used for this example. The RADIUS server is
connected to an EX4200 switch on access port
are accessing the LAN on interface
00:50:8b:6f:60:3a
. Supplicant 2 has the MAC address
Chapter 88: Examples: Access Control Configuration
multiple
. Two end devices (supplicants)
ge-0/0/10
. Supplicant 1 has the MAC address
ge-0/0/2
00:50:8b:6f:60:3b
supplicant mode, you
.
2795
Advertisement
Chapters
Table of Contents
Troubleshooting
