Filter
Top Products
DES-7200 Configuration Guide Chapter 4 802.1x Configuration
4-28
4.2.19 Configuring the
Authentication Mode
In the standard, the 802.1x implements authentication through the EAP-MD5. The 802.1X
designed by DES-7200 can perform authentication through both the EAP-MD5 (default) mode
and the CHAP and PAP mode. The advantage of the CHAP is that it reduces the
communication between the switch and the RADIUS SERVER, thus alleviating the pressure
on the RADIUS SERVER. Same as the CHAP mode, the communication between the PAP
and RADIUS SERVER occurs only once. Although the PAP mode is not recommended for its
poor security, it can meet the special needs of the user in some cases. For example, when the
security server used only supports the PAP authentication mode, this mode can be selected to
fully exploit the existing resources, protecting the existing investment.
In the privileged mode, you can set the authentication mode of the 802.1x by performing the
following steps:
Command Function
configure terminal
Enter the global configuration mode.
dot1x auth-mode mode
Configure the authentication mode
end
Return to the privileged mode.
write
Save the configuration.
show dot1x
Show the configuration.
The following example configures the authentication mode to the CHAP mode:
DES-7200# configure terminal
DES-7200(config)# dot1x auth-mode CHAP
DES-7200(config)# end
DES-7200# show dot1x
802.1X Status: Disabled
Authentication Mode: CHAP
Authed User Number: 0
Re-authen Enabled: Disabled
Re-authen Period: 3600 sec
Quiet Timer Period: 10 sec
Tx Timer Period: 3 sec
Supplicant Timeout: 3 sec
Server Timeout: 5 sec
Re-authen Max: 3 times
Maximum Request: 3 times
Client Oline Probe: Disabled
Eapol Tag Enable: Disabled
Authorization Mode: Group Server
4.2.20 Configure the backup
authentication server.
Our 802.1x-based authentication system can support the backup server.When the master