Netgear GS716Tv2 GS716Tv2/GS724Tv3 Software Admin Manual - Page 236

GS716Tv2 and GS724Tv3 Software Administration Manual Supplicant Authenticator Switch Authentication Server (RADIUS) 192.168.10.23 Supplicant Figure B-2 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (g21-g24). These ports are available to visitors and need to be authenticated before granting access to the network. The authentication is handled by an external RADIUS server. When the visitor is successfully authenticated, traffic is automatically assigned to the guest VLAN. This example assumes that a VLAN has been configured with a VLAN ID of 150 and VLAN Name of Guest. 1. From the Port Authentication screen, select ports g21, g22, g23, and g24. 2. From the Port Control menu, select Unauthorized. The Port Control setting for all other ports where authentication is not needed should be Auto or Authorized. When the Port Control setting is Authorized, the port is unconditionally put in a force-Authorized state and does not require any authentication. When the Port Control setting is Auto, the authenticator PAE sets the controlled port mode 3. In the Guest VLAN field for ports g21-g24, enter 150 to assign these ports to the guest VLAN. You can configure additional settings to control access to the network through the ports. See "Port Security Interface Configuration" on page 5-35 for information about the settings. 4. Click Apply. 5. From the 802.1X Configuration screen, set the Port Based Authentication State and Guest VLAN Mode to Enable, and then click Apply (See "Port Security Configuration" on page 5-34). B-10 v1.0, July 2009 Configuration Examples