Chapter 23 Authentication & Accounting

IEEE 802.1x authentication. The port VLAN settings are fixed and untagged. This will also set the port’s VID. The following table describes the values you need to configure. Note that the bolded values in the table are fixed values as defined in RFC 3580.

Table 66 Supported Tunnel Protocol Attribute

FUNCTION ATTRIBUTE

VLAN Assignment Tunnel-Type = VLAN(13)

Tunnel-Medium-Type = 802(6)

Tunnel-Private-Group-ID = VLAN ID

Note: You must also create a VLAN with the specified VID on the Switch.

23.3 Supported RADIUS Attributes

Remote Authentication Dial-In User Service (RADIUS) attributes are data used to define specific authentication, and accounting elements in a user profile, which is stored on the RADIUS server. This section lists the RADIUS attributes supported by the Switch.

Refer to RFC 2865 for more information about RADIUS attributes used for authentication. Refer to RFC 2866 and RFC 2869 for RADIUS attributes used for accounting.

This section lists the attributes used by authentication and accounting functions on the Switch. In cases where the attribute has a specific format associated with it, the format is specified.

23.3.1 Attributes Used for Authentication

The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication.

23.3.1.1 Attributes Used for Authenticating Privilege Access

User-Name

-the format of the User-Name attribute is $enab#$, where # is the privilege level (1~14)

User-Password

NAS-Identifier

NAS-IP-Address

 

201

GS2200-48 User’s Guide