Dell PowerConnect M6348 Configuration Guide - Page 100

Administrative Mode Enabled Port ------1/g8 Admin Mode mac-based Oper Mode -----------Unauthorized Reauth Control -------FALSE Reauth Period ---------3600 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 3 VLAN Assigned 10 Supplicant Timeout 30 Server Timeout (secs 30 Logical Port ------112 Supplicant MAC-Address 0000.0000.0000 AuthPAE State -------Initialize Backend State -------Idle VLAN Id ----- Username -------- Filter Id ------ 802.1X Authentication and VLANs The PowerConnect M6220/M6348/M8024 switches allow a port to be placed into a particular VLAN based on the result of type of 802.1X authentication a client uses when it accesses the switch. The RADIUS server or IEEE 802.1X Authenticator can provide information to the switch about which VLAN to assign the host (supplicant). When a host connects to a switch that uses a RADIUS server or 802.1X Authenticator to authenticate the host, the host authentication can typically have one of three outcomes: • The host is authenticated. • The host attempts to authenticate but fail because it lacks certain security credentials. • The host is a guest and does not try to authenticate at all. You can create three separate VLANs on the switch to handle hosts depending on whether the host authenticates, fails the authentication, or is a guest. The RADIUS server informs the switch of the selected VLAN as part of the authentication. Authenticated and Unauthenticated VLANs Hosts that authenticate normally use a VLAN that includes access to network resources. Hosts that fail the authentication might be denied access to the network or placed on a "quarantine" VLAN with limited network access. 100 Device Security