Authenticator Port Operating Modes; Single Host Mode; Multiple Host Mode - Allied Telesis AT-9000/28 Command Line User's Manual

Alliedware plus version 2.1.2 management software for layer 2-4 gigabit ethernet ecoswitches

Hide thumbs Also See for AT-9000/28:

Table of Contents

Chapter 54: 802.1x Port-based Network Access Control

Authenticator Port Operating Modes

Multiple Host

The switch supports three authenticator modes:

Single host mode

Multiple supplicant mode

An authenticator port set to the single host mode permits only one

supplicant to log on and forwards only the traffic of that supplicant. After

one supplicant has logged on, the port discards packets from any other

In Figure 121, port 6 is an authenticator port set to the single host mode. It

permits only one supplicant to log on and forwards the traffic of just that

Role: Authenticator

Operating Mode: Single Host

This mode permits multiple clients on an authenticator port. An

authenticator mode forwards packets from all clients once one client has

successfully logged on. This mode is typically used in situations where

you want to add 802.1x port-based network access control to a switch port

that is supporting multiple clients, but do not want to create individual

accounts for all the clients on the RADIUS server.

This is referred to as "piggy-backing." After one client has successfully

logged, the port permits the other clients to piggy-back onto the initial

client's log on, so that they can forward packets through the port without

being authentication.

Note, however, that should the client who performed the initial log on fail to

Authenticated Client

Figure 121. Single Host Mode

Gigabit Ethernet Switch with 4 Combo SFP Ports

Authentication

Section VIII: Port Security

At-9000/52 At-9000/28sp