Avaya C360 Layer 2 Features
124 Installation and Configuration Guide Avaya C360 Multilayer Stackable Switches, version 4.5
● As a result of an authentication attempt, the C360 port can be either in a "blocked" or a
"forwarding" state.
802.1x interacts with existing standards to perform its authentication operation. Specifically, it
makes use of Extensible Authentication Protocol (EAP) messages encapsulated within Ethernet
frames (EAPOL), and EAP over RADIUS for the communication between the Authenticator and
the Authentication Server.
IEEE 802.1x Implementation in the C360
This section lists the conditions that govern the implementation of the 802.1x standard in the
C360 line:
● You can configure 802.1x on the 10/100 Mbps Ethernet ports only.
● 802.1x can work only if a RADIUS server is configured on the C360 and the RADIUS
server is carefully configured to support 802.1x.
● 802.1x and port/intermodule redundancy can co-exist on the same ports.
● 802.1x and LAGs can coexist on the same ports.
● 802.1x and Spanning Tree can be simultaneously active on a module.
Note:
Note: If either 802.1x or STP/RSTP are in a blocking state, the final state of the port will
be blocked.
● When 802.1x is activated, the application immediately places all ports in a blocking state
unless they were declared "Force Authenticate". They will be reverted to "Forwarding"
state only when the port is authorized by the RADIUS server.
Note:
Note: The actual state of ports configured as "Force Authenticate" is determined by the
STA.
Configuring the C360 for 802.1x
This section lists the basic tasks required to configure a C360 stack for 802.1x. To configure
C360 for 802.1x, do the following:
● Configure a RADIUS server on a network reachable from the C360:
- Create user names and passwords for allowed users.
- Make sure the EAP option is enabled on this server.
● Configure the C360 for RADIUS:
- Configure RADIUS parameters.