TP-Link OC200 Omada Controller Software 4.1.5Windows/Linux User Guide - Page 180
X, ports but denies the unauthenticated clients.
![]() |
View all TP-Link OC200 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 180 highlights
Chapter 4 4. 9. 2 802.1X Configure the Network with Omada SDN Controller Overview 802.1X provides port-based authentication service to restrict unauthorized clients from accessing to the network through publicly accessible switch ports. An 802.1X-enabled port allows only authentication messages and forbids normal traffic until the client passes the authentication. 802.1X authentication uses client-server model which contains three device roles: client/supplicant, authenticator and authentication server. This is described in the figure below: Clients Switch Authenticator Authentication Server ■■ Client A client, usually a computer, is connected to the authenticator via a physical port. We recommend that you install TP-Link 802.1X authentication client software on the client hosts, enabling them to request 802.1X authentication to access the LAN. ■■ Authenticator An authenticator is usually a network device that supports 802.1X protocol. As the above figure shows, the switch is an authenticator. The authenticator acts as an intermediate proxy between the client and the authentication server. The authenticator requests user information from the client and sends it to the authentication server; also, the authenticator obtains responses from the authentication server and sends them to the client. The authenticator allows authenticated clients to access the LAN through the connected ports but denies the unauthenticated clients. ■■ Authentication Server The authentication server is usually the host running the RADIUS server program. It stores information of clients, confirms whether a client is legal and informs the authenticator whether a client is authenticated. Based on authenticated identity, 802.1X can also deliver customized services. For example, 802.1X and VLAN Assignment together make it possible to assign different authenticated users to different VLANs automatically. 178
![](/manual_guide/products/tplink-omada-software-controller-omada-controller-software-415windowslinux-user-guide-e154318/180.png)