Configuring
General Setup Procedure for 802.1X Access Control
Overview: Configuring 802.1X Authentication on the
Switch
This section outlines the steps for configuring 802.1X on the switch. For detailed information on each step, refer to “RADIUS Authentication and Accounting” on page
1.Enable 802.1X authentication on the individual ports you want to serve as authenticators. On the ports you will use as authenticators, either accept the default 802.1X settings or change them, as necessary. Note that, by default, the
2.If you want to provide a path for clients without 802.1X supplicant software to download the software so that they can initiate an authenti- cation session, enable the 802.1X Open VLAN mode on the ports you want to support this feature. Refer to page
3.Configure the 802.1X authentication type. Options include:
•Local Operator username and password (the default). This option allows a client to use the switch’s local username and password as valid 802.1X credentials for network access.
•EAP RADIUS: This option requires your RADIUS server application to support EAP authentication for 802.1X.
•CHAP (MD5) RADIUS: This option requires your RADIUS server application to support CHAP (MD5) authentication.
See page
4.If you select either
5.Enable 802.1X authentication on the switch. See page
6.Test both the authorized and unauthorized access to your system to ensure that the 802.1X authentication works properly on the ports you have configured for
Note | If you want to implement the optional port security feature (step 7) on the |
| switch, you should first ensure that the ports you have configured as 802.1X |
| authenticators operate as expected. |
|
|