D-Link DES-3028 Product Manual - Page 212
X, 802.1X Port-Based and Host-Based Access Control, 1X
UPC - 790069305375
View all D-Link DES-3028 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 212 highlights
DES-3028 DES-3028P DES-3028G DES-3052 DES-3052P Layer 2 Fast Ethernet Managed Switch 802.1X 802.1X Port-Based and Host-Based Access Control The IEEE 802.1X standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model. This is accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN (EAPOL) packets between the Client and the Server. The following figure represents a basic EAPOL packet: NOTE: If the client is authenticated with 802.1X authentication it allows the user to force down the authenticated client via SNMP on R2 with the Radius command item in auth.mib(OID: 1.3.6.1.4.1.171.12.3.7) by port based or Host-based. NOTE: If the session timeout attribute on the radius server is set, the client will be off-line when the client authenticated over the timeout value has been configured on the radius server. Figure 10- 14. The EAPOL Packet Utilizing this method, unauthorized devices are restricted from connecting to a LAN through a port to which the user is connected. EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is granted. The 802.1X Access Control method consists of three roles, each of which are vital to creating and maintaining a stable and working Access Control security method. Figure 10- 15. The three roles of 802.1X The following section will explain the three roles of Client, Authenticator and Authentication Server in greater detail. 198