AT-GS950/16PS Switch Web Interface User’s Guide
273
RADIUS ClientYou can use the RADIUS client with 802.1x port-based access control to
authenticate which packets are forwarded through the switch. This section
explains how to configure the RADIUS client on the switch and contains
the following sections:
“Overview” on page 273
“Radius Client Configuration” on page 274
Note
To activate the RADIUS feature, you must also configure the port-
based network access control feature. See “Port Access Control” on
page 268.
Note
To permanently save your new settings or any changes to the
configuration file, select Save Configuration to Flash from the
main menu on the left side of the page.
Overview RADIUS (Remote Authentication Dial In User Services) is an
authentication protocol for enhancing the security of your network. The
protocol transfers the task of authenticating network access from a
network device to an authentication protocol server.
The AT-S112 Management software comes with RADIUS client software.
You can use the client software together with 802.1x port-based access
control. To control which end users and end nodes can send packets
through the switch, you can configure the RADIUS client at “Radius Client
Configuration” on page 274.
General
Guidelines
The following guidelines apply when using the RADIUS protocol.
You must install RADIUS server software on a network server or
management station. Authentication protocol server software is not
available from Allied Telesis.
The RADIUS server must communicate with the switch through a port
that is an untagged member of the Default VLAN and is configured for
Forced-Authorized (802.1x) port control.
If the RADIUS server is on a different subnet from switch, be sure to
specify a System Default Gateway in the IP Setup Page, so that the
switch and server can communicate with each other via the gateway.
See “Configuration of IP Address, Subnet Mask and Gateway
Address” on page 30.