User Manual

UMN:CLI

SURPASS hiD 6615 S223/S323 R1.5

 

 

 

 

 

4.5.1802.1x Authentication

4.5.1.1Enabling 802.1x

To configure 802.1x, the user should enable 802.1x daemon first. In order to enable 802.1x daemon, use the following command.

Command

Mode

Description

 

 

 

dot1x system-auth-control

Global

Enables 802.1x daemon.

 

 

no dot1x system-auth-control

Disables 802.1x daemon.

 

 

 

 

4.5.1.2Configuring RADIUS Server

As RADIUS server is registered in authenticator, authenticator also can be registered in RADIUS server.

Here, authenticator and RADIUS server need extra data authenticating each other be- sides they register each other’s IP address. The data is the key and should be the same value for each other. For the key value, every kinds of character can be used except for the space or special character.

 

 

RADIUS

 

 

Server

[Suppliant]

[Authenticator]

[Authentication Server]

Authentication request

in order

Designate as default

Response

RADIUS server

 

RADIUS Servers

A : 10.1.1.1

B : 20.1.1.1

C : 30.1.1.1

:

J : 100.1.1.1

Fig. 4.2 Multiple Authentication Servers

If you register in several servers, the authentication server starts form RADIUS server registered as first one, then requests the second RADIUS server in case there’s no re- sponse. According to the order of registering the authentication request, the authentica- tion request is tried and the server which responds to it becomes the default server from the point of response time.

A50010-Y3-C150-2-7619

65

Page 65
Image 65
Siemens S223, S323 user manual 1 802.1x Authentication, Enabling, Configuring Radius Server, Authentication Server