Chapter 10 802.1x

authentication request to a RADIUS server. The RADIUS server validates whether this client is allowed access to the port.

Figure 31 IEEE 802.1x Authentication Process

1

New Connection

2

Login Info Request

3

 

 

4

Login Credentials

 

Authentication Request

5

Authentication Reply

Session Granted/Denied

10.1.2 Guest VLAN

When 802.1x port authentication is enabled on the MES-2110, clients that do not have the correct credentials are blocked from using the port(s). You can configure your MES-2110 to have one Guest VLAN. Traffic coming from the Guest VLAN are directed to the Guest network and can have access to unrestricted areas of the network, such as the Internet. The rights granted to the Guest VLAN depends on how the network administrator configures switches or routers with the Guest network feature.

Note: Use the MES-2110 to assign the Guest VLAN to a port. This assignment should corresponds to the network’s Guest VLAN. The Guest network is not configurable in this MES-2110.

To enable port authentication, first activate the port authentication method (both on the MES-2110 and the port(s)) then configure the RADIUS server settings in the Radius Server Configuration screen (Section 10.4 on page 81).

78

MES-2110 User’s Guide

Page 78
Image 78
ZyXEL Communications MES-2110 manual Guest Vlan, Ieee 802.1x Authentication Process