DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-5
RADIUS Server), the user is authorized and therefore can freely use network resources.If the
user fails in the authentication and remains in the unauthenticated status, it is possible to
initiate authentication once again. If the communication between the switch and the RADIUS
server is faulty, the user is still unauthorized and therefore still cannot use the network.
When the user sends the EAPOL-LOGOFF packets, its status changes from authorized to
unauthorized.
When a port of the switch changes to the LINK-DOWN status, all the users on the port change
to the unauthorized status.
When the device restarts, all users on the device turn into the unauthorized status.
To force a user to pass the authentication, you can add a static MAC address.
4.1.4 Topologies of Typical
Applications
A. The 802.1x-enabled device is used as the access layer device
This solution is described as below:
Requirements of this solution:
The user supports 802.1x. That is, it is installed with the 802.1x client (Windows XP carried,
Star-supplicant or other IEEE802.1x compliant client software).
The access layer device supports IEEE 802.1x.
One or multiple RADIUS compliant servers are available as the authentication server.