Netgear GS418TPP User Manual - Page 439
X Example Configuration, Authenticator, Supplicant, Authentication server, Port Control
View all Netgear GS418TPP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 439 highlights
ProSAFE 8-Port or 16-Port Gigabit Smart Managed Switch Model GS418TPP, GS510TLP, and GS510TPP A port access entity (PAE) is able to adopt one of two distinct roles within an access control interaction: 1. Authenticator. A port that enforces authentication before allowing access to services available through that port. 2. Supplicant. A port that attempts to access services offered by the authenticator. Additionally, there exists a third role: 3. Authentication server. Performs the authentication function necessary to check the credentials of the supplicant on behalf of the authenticator. All three roles are required for you to complete an authentication exchange. The switch supports the authenticator role only, in which the PAE is responsible for communicating with the supplicant. The authenticator PAE is also responsible for submitting the information received from the supplicant to the authentication server for the credentials to be checked, which determines the authorization state of the port. The authenticator PAE controls the authorized/unauthorized state of the controlled port depending on the outcome of the RADIUS-based authentication process. Figure 1. 802.1X authentication roles 802.1X Example Configuration This example shows how to configure the switch so that 802.1X-based authentication is required on the ports in a corporate conference room (1/0/5-1/0/8). These ports are available to visitors and must be authenticated before access is granted to the network. The authentication is handled by an external RADIUS server. When the visitor is successfully authenticated, traffic is automatically assigned to the guest VLAN. This example assumes that a VLAN was configured with a VLAN ID of 150 and VLAN name of Guest. 1. On the Port Authentication page, select ports 1/0/5, 1/0/6, 1/0/7, and 1/0/8. 2. From the Port Control menu, select Unauthorized. The selection from the Port Control menu for all other ports on which authentication is not needed must be Authorized. When the selection from the Port Control menu is Authorized, the port is unconditionally put in a force-authorized state and does not Configuration Examples 439