Filter
Top Products
XGS-4526/4528F/4728F User’s Guide
187
CHAPTER 18
Port Authentication
This chapter describes the IEEE 802.1x and MAC authentication methods.
18.1 Port Authentication Overview
Port authentication is a way to validate access to ports on the Switch to clients
based on an external server (authentication server). The Switch supports the
following methods for port authentication:
• IEEE 802.1x
2
- An authentication server validates access to a port based on a
username and password provided by the user.
• MAC - An authentication server validates access to a port based on the MAC
address and password of the client.
Both types of authentication use the RADIUS (Remote Authentication Dial In User
Service, RFC 2138, 2139) protocol to validate users. See Section 25.1.2 on page
244 for more information on configuring your RADIUS server settings.
Note: If you enable IEEE 802.1x authentication and MAC authentication on the same
port, the Switch performs IEEE 802.1x authentication first. If a user fails to
authenticate via the IEEE 802.1x method, then access to the port is denied.
18.1.1 IEEE 802.1x Authentication
The following figure illustrates how a client connecting to an IEEE 802.1x
authentication enabled port goes through a validation process. The Switch
prompts the client for login information in the form of a user name and password
after the client responds to its identity request. When the client provides the login
2. At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system
documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client
software.