especially in Wi-Fi wireless networks. 802.1X holds a network port disconnected until authentication is completed. The switch uses Extensible Authentication Protocol over LANs (EAPOL) to exchange authentication protocol client identity (such as a user name) with the client, and forward it to another remote RADIUS authentication server to verify access rights. The EAP packet from the RADIUS server also contains the authentication method to be used. The client can reject the authentication method and request another, depending on the configuration of the client software and the RADIUS server. Depending on the authenticated results, the port is either made available to the user, or the user is denied access to the network.
The RADIUS servers make the network a lot easier to manage for the administrator by gathering and storing the user lists.
Figure 391 – Security > 802.1X Setting
By default, 802.1X is Disabled. To use EAP for security, select Enabled and set the 802.1X Global Settings for the Radius Server and applicable authentication information.
