Filter
Top Products
Configuring Port and System Security 511
How Does the Authentication Server Assign DiffServ Filters?
The Dell Networking series switches allow the external 802.1X Authenticator
or RADIUS server to assign DiffServ policies to users that authenticate to the
switch. When a host (supplicant) attempts to connect to the network
through a port, the switch contacts the 802.1X authenticator or RADIUS
server, which then provides information to the switch about which DiffServ
policy to assign the host (supplicant). The application of the policy is applied
to the host after the authentication process has completed.
For additional guidelines about using an authentication server to assign
DiffServ policies, see "Configuring Authentication Server DiffServ Filter
Assignments" on page 535.
What is the Internal Authentication Server?
The Internal Authentication Server (IAS) is a dedicated database for localized
authentication of users for network access through 802.1X. In this database,
the switch maintains a list of username and password combinations to use for
802.1X authentication. You can manually create entries in the database, or
you can upload the IAS information to the switch.
If the authentication method for 802.1X is IAS, the switch uses the locally
stored list of username and passwords to provide port-based authentication to
users instead of using an external authentication server. Authentication using
the IAS supports the EAP-MD5 method only.
Default 802.1X Values
Table 19-2 lists the default values for the 802.1X features.
Port/Client
Authenticated
on Guest VLAN
Delete Guest
VLANID through
Dot1Q
Port State: Deny Port State: Permit
VLAN: Default PVID
of the port
NOTE: The IAS database does not handle VLAN assignments or DiffServ policy
assignments.
Table 19-1. IEEE 802.1X Monitor Mode Behavior (Continued)
Case Sub-case Regular Dot1x Dot1x Monitor Mode