Filter
Top Products
Security: 802.1X Authentication
Authenticator Overview
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version) 383
19
See Port Host Modes for more information.
The following authentication methods are supported:
• 802.1x-based—Supported in all authentication modes.
• MAC-based—Supported in all authentication modes.
• WEB-based—Supported only in multi-sessions modes.
In 802.1x-based authentication, the authenticator extracts the EAP messages from
the 802.1x messages (EAPOL frames) and passes them to the authentication
server, using the RADIUS protocol.
With MAC-based or web-based authentication, the authenticator itself executes
the EAP client part of the software.
Authentication Server
An authentication server performs the actual authentication of the client. The
authentication server for the device is a RADIUS authentication server with EAP
extensions.
Authenticator Overview
Port Administrative Authentication States
The port administrative state determines whether the client is granted access to
the network.
The port administrative state can be configured in the Security > 802.1X/MAC/
Web Authentication > Port Authentication page.
The following values are available:
• force-authorized
Port authentication is disabled and the port transmits all traffic in
accordance with its static configuration without requiring any
authentication. The switch sends the 802.1x EAP-packet with the EAP
success message inside when it receives the 802.1x EAPOL-start message.
This is the default state.