Filter
Top Products
U
SER
A
UTHENTICATION
6-20
Transport Layer Security). PEAP will be supported in future releases. The
client responds to the appropriate method with its credentials, such as a
password or certificate. The RADIUS server verifies the client credentials
and responds with an accept or reject packet. If authentication is
successful, the switch allows the client to access the network. Otherwise,
network access is denied and the port remains blocked.
The operation of dot1x on the switch requires the following:
• The switch must have an IP address assigned.
• The IP address of the RADIUS server must be specified.
• 802.1X must be enabled globally for the switch.
• Each switch port that will be used must be set to dot1x “Auto” mode.
• Each client that needs to be authenticated must have dot1x client
software installed and properly configured.
• The RADIUS server and 802.1X client support EAP. (The switch only
supports EAPOL in order to pass the EAP packets from the server to
the client.)
• The RADIUS server and client also have to support the same EAP
encryption method for passing authentication messages – MD5, TLS or
TTLS. Native support for these encryption methods is provided in
Windows XP, and in Windows 2000 with Service Pack 4. To support
these encryption methods in Windows 95 and 98, you can use the
AEGIS dot1x client or other comparable client software.