Configuring 802.1X Port Authentication; In This Chapter; 802.1X Protocol Overview; 802.1X Configuration Guidelines And Restrictions - Brocade Communications Systems Converged Enhanced Ethernet 8000 Administrator's Manual

Converged enhanced ethernet

Hide thumbs Also See for Converged Enhanced Ethernet 8000:

Hardware reference manual (64 pages)

Reference manual (370 pages)

Administrator's manual (96 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

Table of Contents

Configuring 802.1x Port Authentication

In this chapter

802.1x protocol overview

The 802.1x protocol defines a port-based authentication algorithm involving network data

communication between client-based supplicant software, an authentication database on a server,

and the authenticator device. In this situation the authenticator device is the Brocade FCoE

hardware.

As the authenticator, the Brocade FCoE hardware prevents unauthorized network access. Upon

detection of the new supplicant, the Brocade FCoE hardware enables the port and marks it

"unauthorized". In this state, only 802.1x traffic is allowed. All other traffic, such as DHCP and

HTTP, is blocked. The Brocade FCoE hardware transmits an EAP-request to the supplicant, which

responds with the EAP-response packet. The Brocade FCoE hardware, which then forwards the

EAP-response packet to the RADIUS authentication server. If the credentials are validated by the

RADIUS server database, the supplicant may access the protected network resources.

NOTE

802.1x port authentication is not supported by LAG (Link Aggregation Group) or interfaces that

participate in a LAG.

NOTE

The EAP-MD5, EAP-TLS, EAP-TTLS and PEAP-v0 protocols are supported by the RADIUS server and

are transparent to the authenticator switch.

When the supplicant logs off, it sends an EAP-logoff message to the Brocade FCoE hardware which

then sets the port back to the "unauthorized" state.

802.1x configuration guidelines and restrictions

Follow these 802.1x configuration guidelines and restrictions when configuring 802.1x:

•

Converged Enhanced Ethernet Administrator's Guide

53-1002163-02

DRAFT: BROCADE CONFIDENTIAL

•

802.1x protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

•

802.1x configuration guidelines and restrictions . . . . . . . . . . . . . . . . . . . . 123

•

802.1x authentication configuration tasks . . . . . . . . . . . . . . . . . . . . . . . . . 124

•

Interface-specific administrative tasks for 802.1x . . . . . . . . . . . . . . . . . . . 124

If you globally disable 802.1x, then all interface ports with 802.1x authentication enabled

automatically switch to force-authorized port-control mode.

Chapter

123

Table of Contents

Configuring 802.1X Port Authentication; In This Chapter; 802.1X Protocol Overview; 802.1X Configuration Guidelines And Restrictions - Brocade Communications Systems Converged Enhanced Ethernet 8000 Administrator's Manual

Configuring 802.1x Port Authentication

In this chapter

802.1x protocol overview

802.1x configuration guidelines and restrictions

Related Manuals for Brocade Communications Systems Converged Enhanced Ethernet 8000

Related Content for Brocade Communications Systems Converged Enhanced Ethernet 8000

Table of Contents