Filter
Top Products
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-7
2. The access layer device should be able to transparently transmit IEEE 802.1x. frames
(EAPOL)
3. The convergence layer device supports 802.1x (playing the role of the authenticator)
4. One or multiple RADIUS compliant servers are available as the authentication server.
Key points for configuration of this solution:
1. The ports connected to the Radius Server and the uplink ports are configured as
uncontrolled ports, so that the switch can normally communicate with the server and
the authorized users can access network resources through the uplink interface.
2. The ports connected to the access layer switches must be set as controlled ports to
control the accessed users, and the users cannot access network resources unless
they first pass the authentication.
Characteristics of this solution:
1. The convergence layer device must be of high quality since the network is large and
numerous users are connected, since any of its fault may cause the failures of many
users to normally access the network.
2. User management is performed on the Radius Server in a centralized manner. The
administrator does not have to know which switch a user is connected to, making
management much easier.
3. The access layer device can be the less expensive non-NM switches (as long as they
support transparent transmission of EAPOL frames).
4. The administrator cannot manage the device on the access layer through the
network.
4.2 Configuring 802.1x
The following sections describe how to configure 802.1x.
Default Configuration of 802.1x
Precautions for Configuring 802.1x
Configuring the communication between the device and Radius server
Setting the 802.1X Authentication Switch
Enabling/Disabling the Authentication of a Port
Enabling Timed Re-authentication
Enabling/Disabling the Filtering of Non-DES-7200 Supplicant
Changing the QUIET Time