280 | Chapter 15. Security Management
ProSafe M4100 and M7100 Managed Switches
802.1x Port Security
This section describes how to configure the 802.1x port security feature on a switch port.
IEEE 802.1x authentication prevents unauthorized clients from connecting to a VLAN unless
these clients are authorized by the server
. 802.1x port security prevent unauthorized clients
from connecting to a VLAN. It can be configured on a per-port basis.
PC 1 PC 2
Layer 2
switch
RADIUS
server
Figure 29. Using 802.1x port security
The following example shows how to authenticate the dot1x users by a RADIUS server. The
management IP address is 10.100.5.33/24. The example is shown as CLI commands and as
a Web interface procedure.
CLI: Authenticating dot1x Users by a RADIUS Server
1. Assign an IP address to 1/0/19, and set force authorized mode to this port, and create a
user name list dot1xList.
(Netgear Switch) #config
(Netgear Switch) (Config)#ip routing
(Netgear Switch) (Config)#interface 1/0/1
(Netgear Switch) (Interface 1/0/1)#routing
(Netgear Switch) (Interface 1/0/1)#ip address 192.168.1.1 255.255.255.0
(Netgear Switch) (Config)#dot1x system-auth-control
(Netgear Switch) (Config)#interface 1/0/19
(Netgear Switch) (Interface 1/0/19)#routing
(Netgear Switch) (Interface 1/0/19)#ip address 10.100.5.33 255.255.255.0
(Netgear Switch) (Interface 1/0/19)#dot1x port-control force-authorized