DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual
156
connected to a port on the Switch must be authenticated by the Authentication Server (RAD IUS) before atta ining any
services offered by the Switch on the LAN. The role of the Authentication Server is to certify the identit y of the Client
attempting to access the network by exchanging secure information between the R ADIUS server and the Client
through EAPOL packets and, in turn, informs the Switch whether or no t th e C lie nt is grant ed ac c es s to t h e L A N and /or
switches services.
Figure 5 - 16 The Authentication Server
Authenticator
The Authenticator (the Switch) is an intermediary between the Authentication Server and t he Client. The Aut hentic ator
serves two purposes when utilizing the 802.1X function. The first purpos e is to request certif ication information from
the Client through EAPOL packets, which is the only information allowed to pass through the Authent icator before
access is granted to the Client. The second purpose of the Authenticat or is t o verif y the inform ation gat here d fr om the
Client with the Authentication Server, and to then relay that inform ation back to the Client.
Three steps must be implemented on the Switch to properly configure the Aut henticator.
1. The 802.1X State must be Enabled. (Security / 802.1X / 802.1X Global settings)
2. The 802.1X settings must be implemented by port (Security / 802.1X / 802.1X Port Settings)
3. A RADIUS server must be configured on the Switch. (Security / 802.1X / Authentication RADIUS Server)
Figure 5 - 17 The Authenticator