9

AAA AND RADIUS OPERATION

This chapter covers the following topics:

IEEE 802.1x

Implementing the AAA and RADIUS Protocols

Configuring AAA

Configuring the RADIUS Protocol

Configuring HWTACACS

Displaying and Debugging the AAA, RADIUS, and HWTACACS Protocols

AAA, RADIUS, and HWTACACS Protocol Configuration Examples

Troubleshooting AAA, RADIUS, and HWTACACS Configurations

IEEE 802.1x

IEEE 802.1x (referred to as 802.1x) is a port-based network access control protocol that is used as the standard for LAN user access authentication.

In LANs that comply with the IEEE 802 standards, a user can access devices and share resources in the LAN by connecting to a device such as a LAN switch. In telecom access, commercial LANs (a typical example is the LAN in an office building), mobile office and similar environments, LAN providers generally want to control user access. This is where the requirement for the “port-based network access control” mentioned above is most applicable.

As the name implies, “port-based network access control” means authenticating and controlling every device that connects through a port of the access device. If the user’s device passes authentication, the user can access resources in the LAN.

802.1x defines only the port-based network access control protocol and the point-to-point connection between the access device and the access port. The port can be either physical or logical. Typical application environments include a LAN switch on which each physical port connects to only one user workstation (based on the physical port) and a wireless LAN access environment (based on the logical port).

Configuring IEEE 802.1x is described in the following sections:

802.1x System Architecture

Configuring 802.1x

802.1x System Architecture

The system using 802.1x is a typical C/S (Client/Server) system architecture. It contains three entities: Supplicant System, Authenticator System and Authentication Server System.
