Filter
Top Products
Chapter 12: 802.1x Network Access Control
168 Section I: Using the Menus Interface
802.1x Network Access Control Overview
802.1x Network Access Control (IEEE 802.1x) is used to control who can
send traffic through and receive traffic from a switch port. With this feature,
the switch will not allow an end node to send or receive traffic through a
port until the user of the node logs on by entering a username and
password.
This feature can prevent an unauthorized individual from connecting a
computer to a switch port or using an unattended workstation to access
your network resources. Only those users to whom you have assigned a
username and password will be able to use the switch to access the
network.
This feature must be used with the RADIUS authentication protocol and
requires that there be a RADIUS server on your network. The RADIUS
server performs the authentication of the username and password
combinations.
Note
RADIUS with Extensible Authentication Protocol (EAP) extensions
is the only supported authentication server for this feature.
Following are several terms to keep in mind when using this feature.
Supplicant - A supplicant is an end user or end node that wants to
access the network through a switch port. A supplicant is also referred
to as a client.
Authenticator - The authenticator is a port on the switch that prohibits
network access by a supplicant until the network user has entered a
valid username and password.
Authentication server - The authentication server is the network device
that has the RADIUS server software. This is the device that does the
actual authenticating of the user names and passwords from the
supplicants.
The AT-9000/24 Gigabit Ethernet switch does not authenticate the
usernames and passwords from the end users. Rather, the switch acts as
an intermediary between a supplicant and the authentication server during
the authentication process.